Lucene search
CISACISA-KEV-CVE-2024-28986HistoryAug 15, 2024 - 12:00 a.m.
SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
2024-08-1500:00:00
CISA
www.cisa.gov
83
solarwinds
help desk
untrusted data
vulnerability
remote code execution
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.9
Confidence
Low
EPSS
0.03
Percentile
91.1%
SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.
Related
cvelist
cvelist
nessus
nessus
SolarWinds Web Help Desk < 12.8.3 HF 1 Deserialization RCE
2024-08-15 00:00:00
attackerkb
attackerkb
CVE-2024-28986
2024-08-13 00:00:00
vulnrichment
vulnrichment
cve
cve
CVE-2024-28986
2024-08-13 23:15:16
nvd
nvd
CVE-2024-28986
2024-08-13 23:15:16
thn
thn
Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
2024-08-22 16:35:00
SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software
2024-08-15 13:19:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.9
Confidence
Low
EPSS
0.03
Percentile
91.1%
Related for CISA-KEV-CVE-2024-28986