← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-28987 — Actively Exploited: Web Help Desk (SolarWinds)

SolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data.

CVE IDCVE-2024-28987
VendorSolarWinds
ProductWeb Help Desk
Vulnerability nameSolarWinds Web Help Desk Hardcoded Credential Vulnerability
Date added2024-10-15
Remediation due2024-11-05
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionSolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →