cvelistv5 - cve-2024-28986

CVE-2024-28986 (GCVE-0-2024-28986)

Vulnerability from cvelistv5 – Published: 2024-08-13 22:06 – Updated: 2025-10-21 22:55

CISA

Summary

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-502 - Deserialization of Untrusted Data

Assigner

SolarWinds

References

URL

Tags

	https://www.solarwinds.com/trust-center/security-…
	https://support.solarwinds.com/SuccessCenter/s/ar…

Impacted products

	Vendor	Product	Version
	SolarWinds	Web Help Desk	Affected: previous versions , ≤ 12.8.3 (12.8.3)

Credits

Inmarsat Government / Viasat

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2024-08-15

Due date: 2024-09-05

Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Used in ransomware: Unknown

Notes: https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28986; https://nvd.nist.gov/vuln/detail/CVE-2024-28986

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:solarwinds:webhelpdesk:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "webhelpdesk",
            "vendor": "solarwinds",
            "versions": [
              {
                "lessThanOrEqual": "12.8.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-28986",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-15T14:32:53.512984Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-08-15",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28986"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T22:55:47.324Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28986"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2024-08-15T00:00:00+00:00",
            "value": "CVE-2024-28986 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Web Help Desk",
          "vendor": "SolarWinds",
          "versions": [
            {
              "lessThanOrEqual": "12.8.3",
              "status": "affected",
              "version": "previous versions",
              "versionType": "12.8.3"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Inmarsat Government / Viasat"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. \u003c/p\u003e\u003cp\u003eWhile it was reported as an \u003cem\u003eunauthenticated\u003c/em\u003e\u0026nbsp;vulnerability, SolarWinds has been \u003cem\u003eunable to reproduce it\u003c/em\u003e\u0026nbsp;\u003cem\u003ewithout authentication\u003c/em\u003e\u0026nbsp;after thorough testing. \u0026nbsp;\u003c/p\u003e\u003cp\u003eHowever, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available. \u003c/p\u003e"
            }
          ],
          "value": "SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. \n\nWhile it was reported as an unauthenticated\u00a0vulnerability, SolarWinds has been unable to reproduce it\u00a0without authentication\u00a0after thorough testing. \u00a0\n\nHowever, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-586",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-586 Object Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-14T16:53:10.914Z",
        "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "shortName": "SolarWinds"
      },
      "references": [
        {
          "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28986"
        },
        {
          "url": "https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "All SolarWinds Web Help Desk customers are advised to upgrade to the latest version of the SolarWinds Web Help Desk 12.8.3 HF 1\u003cbr\u003e"
            }
          ],
          "value": "All SolarWinds Web Help Desk customers are advised to upgrade to the latest version of the SolarWinds Web Help Desk 12.8.3 HF 1"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
    "assignerShortName": "SolarWinds",
    "cveId": "CVE-2024-28986",
    "datePublished": "2024-08-13T22:06:45.234Z",
    "dateReserved": "2024-03-13T20:27:09.782Z",
    "dateUpdated": "2025-10-21T22:55:47.324Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2024-28986",
      "cwes": "[\"CWE-502\"]",
      "dateAdded": "2024-08-15",
      "dueDate": "2024-09-05",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28986; https://nvd.nist.gov/vuln/detail/CVE-2024-28986",
      "product": "Web Help Desk",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.",
      "vendorProject": "SolarWinds",
      "vulnerabilityName": "SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2024-09-05",
      "cisaExploitAdd": "2024-08-15",
      "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "cisaVulnerabilityName": "SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:solarwinds:web_help_desk:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8.2\", \"matchCriteriaId\": \"5426A720-F345-4C8E-B5B5-76639D447A6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:solarwinds:web_help_desk:12.8.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"331BF887-F099-419E-9664-EE2EC76E2E23\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. \\n\\nWhile it was reported as an unauthenticated\\u00a0vulnerability, SolarWinds has been unable to reproduce it\\u00a0without authentication\\u00a0after thorough testing. \\u00a0\\n\\nHowever, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.\"}, {\"lang\": \"es\", \"value\": \"Se descubri\\u00f3 que SolarWinds Web Help Desk era susceptible a una vulnerabilidad de ejecuci\\u00f3n remota de c\\u00f3digo de deserializaci\\u00f3n de Java que, si se explota, permitir\\u00eda a un atacante ejecutar comandos en la m\\u00e1quina host. Si bien se inform\\u00f3 como una vulnerabilidad no autenticada, SolarWinds no pudo reproducirla sin autenticaci\\u00f3n despu\\u00e9s de pruebas exhaustivas.  Sin embargo, por precauci\\u00f3n, recomendamos a todos los clientes de Web Help Desk que apliquen el parche, que ya est\\u00e1 disponible.\"}]",
      "id": "CVE-2024-28986",
      "lastModified": "2024-08-16T15:04:28.150",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@solarwinds.com\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2024-08-13T23:15:16.627",
      "references": "[{\"url\": \"https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28986\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@solarwinds.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"psirt@solarwinds.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-28986\",\"sourceIdentifier\":\"psirt@solarwinds.com\",\"published\":\"2024-08-13T23:15:16.627\",\"lastModified\":\"2025-10-27T17:01:47.020\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. \\n\\nWhile it was reported as an unauthenticated\u00a0vulnerability, SolarWinds has been unable to reproduce it\u00a0without authentication\u00a0after thorough testing. \u00a0\\n\\nHowever, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 que SolarWinds Web Help Desk era susceptible a una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de deserializaci\u00f3n de Java que, si se explota, permitir\u00eda a un atacante ejecutar comandos en la m\u00e1quina host. Si bien se inform\u00f3 como una vulnerabilidad no autenticada, SolarWinds no pudo reproducirla sin autenticaci\u00f3n despu\u00e9s de pruebas exhaustivas.  Sin embargo, por precauci\u00f3n, recomendamos a todos los clientes de Web Help Desk que apliquen el parche, que ya est\u00e1 disponible.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2024-08-15\",\"cisaActionDue\":\"2024-09-05\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability\",\"weaknesses\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:solarwinds:web_help_desk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8.2\",\"matchCriteriaId\":\"5426A720-F345-4C8E-B5B5-76639D447A6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:solarwinds:web_help_desk:12.8.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"331BF887-F099-419E-9664-EE2EC76E2E23\"}]}]}],\"references\":[{\"url\":\"https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Vendor Advisory\",\"Broken Link\"]},{\"url\":\"https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28986\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28986\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-28986\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-15T14:32:53.512984Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2024-08-15\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28986\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:solarwinds:webhelpdesk:*:*:*:*:*:*:*:*\"], \"vendor\": \"solarwinds\", \"product\": \"webhelpdesk\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"12.8.3\"}], \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-08-15T00:00:00+00:00\", \"value\": \"CVE-2024-28986 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28986\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-15T14:35:07.979Z\"}}], \"cna\": {\"title\": \"SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Inmarsat Government / Viasat\"}], \"impacts\": [{\"capecId\": \"CAPEC-586\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-586 Object Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SolarWinds\", \"product\": \"Web Help Desk\", \"versions\": [{\"status\": \"affected\", \"version\": \"previous versions\", \"versionType\": \"12.8.3\", \"lessThanOrEqual\": \"12.8.3\"}], \"defaultStatus\": \"affected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"All SolarWinds Web Help Desk customers are advised to upgrade to the latest version of the SolarWinds Web Help Desk 12.8.3 HF 1\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"All SolarWinds Web Help Desk customers are advised to upgrade to the latest version of the SolarWinds Web Help Desk 12.8.3 HF 1\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28986\"}, {\"url\": \"https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. \\n\\nWhile it was reported as an unauthenticated\\u00a0vulnerability, SolarWinds has been unable to reproduce it\\u00a0without authentication\\u00a0after thorough testing. \\u00a0\\n\\nHowever, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eSolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. \u003c/p\u003e\u003cp\u003eWhile it was reported as an \u003cem\u003eunauthenticated\u003c/em\u003e\u0026nbsp;vulnerability, SolarWinds has been \u003cem\u003eunable to reproduce it\u003c/em\u003e\u0026nbsp;\u003cem\u003ewithout authentication\u003c/em\u003e\u0026nbsp;after thorough testing. \u0026nbsp;\u003c/p\u003e\u003cp\u003eHowever, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available. \u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"CWE-502 Deserialization of Untrusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"49f11609-934d-4621-84e6-e02e032104d6\", \"shortName\": \"SolarWinds\", \"dateUpdated\": \"2024-08-14T16:53:10.914Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-28986\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T22:55:47.324Z\", \"dateReserved\": \"2024-03-13T20:27:09.782Z\", \"assignerOrgId\": \"49f11609-934d-4621-84e6-e02e032104d6\", \"datePublished\": \"2024-08-13T22:06:45.234Z\", \"assignerShortName\": \"SolarWinds\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

NCSC-2024-0352

Vulnerability from csaf_ncscnl - Published: 2024-08-22 13:05 - Updated: 2024-08-22 13:05

Summary

Kwetsbaarheden verholpen in Solarwinds Web Helpdesk

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Solarwinds heeft kwetsbaarheden verholpen in Web Helpdesk

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om middels Java deserialisatie code uit te voeren op het systeem. Ook kan een kwaadwillende gebruik maken van hardcoded credentials om toegang te krijgen tot data en funtionaliteit.

Oplossingen

De ontwikkelaars van Solarwinds hebben een hotfix uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-502

Deserialization of Untrusted Data

CWE-798

Use of Hard-coded Credentials

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Solarwinds heeft kwetsbaarheden verholpen in Web Helpdesk",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om middels Java deserialisatie code uit te voeren op het systeem. Ook kan een kwaadwillende gebruik maken van hardcoded credentials om toegang te krijgen tot data en funtionaliteit.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "De ontwikkelaars van Solarwinds hebben een hotfix uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Use of Hard-coded Credentials",
        "title": "CWE-798"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd",
        "url": "https://support.solarwinds.com/SuccessCenter/s/article/SolarWinds-Web-Help-Desk-12-8-3-Hotfix-2"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Solarwinds Web Helpdesk",
    "tracking": {
      "current_release_date": "2024-08-22T13:05:56.658579Z",
      "id": "NCSC-2024-0352",
      "initial_release_date": "2024-08-22T13:05:56.658579Z",
      "revision_history": [
        {
          "date": "2024-08-22T13:05:56.658579Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "web_help_desk",
            "product": {
              "name": "web_help_desk",
              "product_id": "CSAFPID-821534",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:solarwinds:web_help_desk:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "web_help_desk",
            "product": {
              "name": "web_help_desk",
              "product_id": "CSAFPID-1616311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:solarwinds:web_help_desk:12.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "web_help_desk",
            "product": {
              "name": "web_help_desk",
              "product_id": "CSAFPID-1616312",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:solarwinds:web_help_desk:12.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "web_help_desk",
            "product": {
              "name": "web_help_desk",
              "product_id": "CSAFPID-1616313",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:solarwinds:web_help_desk:12.8.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "web_help_desk",
            "product": {
              "name": "web_help_desk",
              "product_id": "CSAFPID-1621458",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:solarwinds:web_help_desk:12.8.3_hotfix_1_and_previous_versions:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "web_help_desk",
            "product": {
              "name": "web_help_desk",
              "product_id": "CSAFPID-1621492",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:solarwinds:web_help_desk:12.8.3_hotfix_1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "web_help_desk",
            "product": {
              "name": "web_help_desk",
              "product_id": "CSAFPID-1618184",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:solarwinds:web_help_desk:12.8.3:-:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "web_help_desk",
            "product": {
              "name": "web_help_desk",
              "product_id": "CSAFPID-1616028",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:solarwinds:web_help_desk:12.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "web_help_desk",
            "product": {
              "name": "web_help_desk",
              "product_id": "CSAFPID-1616027",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:solarwinds:web_help_desk:previous_versions:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webhelpdesk",
            "product": {
              "name": "webhelpdesk",
              "product_id": "CSAFPID-1618124",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:solarwinds:webhelpdesk:12.8.3:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "solarwinds"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-28986",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1616027",
          "CSAFPID-1616028",
          "CSAFPID-821534",
          "CSAFPID-1618184"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28986",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28986.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1616027",
            "CSAFPID-1616028",
            "CSAFPID-821534",
            "CSAFPID-1618184"
          ]
        }
      ],
      "title": "CVE-2024-28986"
    },
    {
      "cve": "CVE-2024-28987",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Hard-coded Credentials",
          "title": "CWE-798"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1621458"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28987",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28987.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1621458"
          ]
        }
      ],
      "title": "CVE-2024-28987"
    }
  ]
}

FKIE_CVE-2024-28986

Vulnerability from fkie_nvd - Published: 2024-08-13 23:15 - Updated: 2025-10-27 17:01

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@solarwinds.com	https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1	Vendor Advisory, Broken Link
psirt@solarwinds.com	https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28986	Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28986	US Government Resource

Impacted products

	Vendor	Product	Version
	solarwinds	web_help_desk	*
	solarwinds	web_help_desk	12.8.3

JSON

To clipboard

{
  "cisaActionDue": "2024-09-05",
  "cisaExploitAdd": "2024-08-15",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:solarwinds:web_help_desk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5426A720-F345-4C8E-B5B5-76639D447A6D",
              "versionEndIncluding": "12.8.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:solarwinds:web_help_desk:12.8.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "331BF887-F099-419E-9664-EE2EC76E2E23",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. \n\nWhile it was reported as an unauthenticated\u00a0vulnerability, SolarWinds has been unable to reproduce it\u00a0without authentication\u00a0after thorough testing. \u00a0\n\nHowever, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available."
    },
    {
      "lang": "es",
      "value": "Se descubri\u00f3 que SolarWinds Web Help Desk era susceptible a una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de deserializaci\u00f3n de Java que, si se explota, permitir\u00eda a un atacante ejecutar comandos en la m\u00e1quina host. Si bien se inform\u00f3 como una vulnerabilidad no autenticada, SolarWinds no pudo reproducirla sin autenticaci\u00f3n despu\u00e9s de pruebas exhaustivas.  Sin embargo, por precauci\u00f3n, recomendamos a todos los clientes de Web Help Desk que apliquen el parche, que ya est\u00e1 disponible."
    }
  ],
  "id": "CVE-2024-28986",
  "lastModified": "2025-10-27T17:01:47.020",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "psirt@solarwinds.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-08-13T23:15:16.627",
  "references": [
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Vendor Advisory",
        "Broken Link"
      ],
      "url": "https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1"
    },
    {
      "source": "psirt@solarwinds.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28986"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28986"
    }
  ],
  "sourceIdentifier": "psirt@solarwinds.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "psirt@solarwinds.com",
      "type": "Secondary"
    }
  ]
}

CERTFR-2024-AVI-0685

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans SolarWinds Web Help Desk. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	SolarWinds	Web Help Desk	Web Help Desk versions antérieures à 12.8.3

References

Title

Publication Time

Tags

Bulletin de sécurité SolarWinds cve-2024-28986

2024-08-09

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Web Help Desk versions ant\u00e9rieures \u00e0 12.8.3",
      "product": {
        "name": "Web Help Desk",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-28986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28986"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0685",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-08-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans SolarWinds Web Help Desk. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.",
  "title": "Vuln\u00e9rabilit\u00e9 dans SolarWinds Web Help Desk",
  "vendor_advisories": [
    {
      "published_at": "2024-08-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2024-28986",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28986"
    }
  ]
}

CERTFR-2024-AVI-0685

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans SolarWinds Web Help Desk. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	SolarWinds	Web Help Desk	Web Help Desk versions antérieures à 12.8.3

References

Title

Publication Time

Tags

Bulletin de sécurité SolarWinds cve-2024-28986

2024-08-09

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Web Help Desk versions ant\u00e9rieures \u00e0 12.8.3",
      "product": {
        "name": "Web Help Desk",
        "vendor": {
          "name": "SolarWinds",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-28986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28986"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0685",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-08-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans SolarWinds Web Help Desk. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.",
  "title": "Vuln\u00e9rabilit\u00e9 dans SolarWinds Web Help Desk",
  "vendor_advisories": [
    {
      "published_at": "2024-08-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SolarWinds cve-2024-28986",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28986"
    }
  ]
}

GSD-2024-28986

Vulnerability from gsd - Updated: 2024-04-02 05:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-28986

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-28986"
      ],
      "id": "GSD-2024-28986",
      "modified": "2024-04-02T05:02:55.460665Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-28986",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

GHSA-G536-H677-2W32

Vulnerability from github – Published: 2024-08-14 00:31 – Updated: 2025-10-22 00:33

Details

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine.

While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing.

However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-28986"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-13T23:15:16Z",
    "severity": "CRITICAL"
  },
  "details": "SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. \n\n\n\nWhile it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. \u00a0\n\n\n\nHowever, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.",
  "id": "GHSA-g536-h677-2w32",
  "modified": "2025-10-22T00:33:05Z",
  "published": "2024-08-14T00:31:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28986"
    },
    {
      "type": "WEB",
      "url": "https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28986"
    },
    {
      "type": "WEB",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28986"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-28986 (GCVE-0-2024-28986)

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

NCSC-2024-0352

FKIE_CVE-2024-28986

CERTFR-2024-AVI-0685

Solutions

CERTFR-2024-AVI-0685

Solutions

GSD-2024-28986

GHSA-G536-H677-2W32

Tags

Sightings

Nomenclature