CVE-2024-45709

MEDIUM

SolarWinds Web Help Desk < 12.8.4 - Local File Read via Path Traversal

Title source: llm

Description

SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited.

References (2)

Core 2

Core References

Release Notes

https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_12-8-4_release_notes.htm

Vendor Advisory

https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45709

Scores

CVSS v3 5.3

EPSS 0.0066

EPSS Percentile 71.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (1)

solarwinds/web_help_desk < 12.8.4

Published Dec 10, 2024

Tracked Since Feb 18, 2026