CVE-2024-45709: SolarWinds Web Help Desk Local File Read Vulnerability

5.3 CVSS

Description

SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited.

Classification

CVE ID: CVE-2024-45709

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.3

Affected Products

Vendor: SolarWinds

Product: Web Help Desk

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.09% (probability of being exploited)

EPSS Percentile: 40.27% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45709
https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_12-8-4_release_notes.htm

Timeline

2024-12-11 00:30:58 UTC
CVE

SolarWinds Web Help Desk Local File Read Vulnerability