August 23, 2024 at 03:00PM SolarWinds has released a patch for a second critical vulnerability in its Web Help Desk software, addressing hardcoded credentials that could allow remote attackers to modify data. The patch also addresses a previous Java deserialization issue. Customers are urged to update immediately to mitigate potential exploitation by threat actors. Based … Read more
August 23, 2024 at 04:09AM SolarWinds released a second hotfix for an exploited Web Help Desk vulnerability, removing hardcoded credentials and fixing an SSO issue. The CVE-2024-28987 vulnerability with a CVSS score of 9.1 could allow remote users to access internal functionality. CISA quickly added the bug to its Known Exploited Vulnerabilities catalog, urging immediate … Read more
August 22, 2024 at 06:48PM SolarWinds acknowledged a critical security flaw (CVE-2024-28987) in its Web Help Desk (WHD) product, affecting versions 12.8.3 HF1 and earlier. The flaw allows unauthenticated attackers to manipulate sensitive data. An update, HF2, has been released to address the issue. Another critical vulnerability (CVE-2024-28986) has also been identified, with exploitation potential … Read more
August 22, 2024 at 01:54PM SolarWinds has released patches to fix a new security flaw in its Web Help Desk software that could permit unauthorized access. Tracked as CVE-2024-28987, the vulnerability is rated 9.1 in severity. Users are advised to update to version 12.8.3 Hotfix 2 to address the issue. Further details will be disclosed … Read more