CVE-2024-45709

Published Dec 10, 2024

Last updated 2 days ago

CVSS medium 5.3

Overview

Description: SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited.
Source: psirt@solarwinds.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

psirt@solarwinds.com: CWE-22

Hype score: Not currently trending

Linux: id: CVE-2024-45709 sourceIdentifier: psirt@solarwinds.com published: 2024-12-10T09:15:06.013 vulnStatus: Awaiting Analysis BaseSeverity: MEDIUM baseScore: 5.3 https://t.co/KYqkQgro28
@CVETracker
16 Dec 2024
58 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:solarwinds:web_help_desk:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6942AFC4-2547-43B4-9FBC-D10690379691",
            "versionEndExcluding": "12.8.4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References