Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk post, augustus 22, 2024augustus 23, 2024 SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances. “The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing [a] remote unauthenticated user to access internal functionality and modify data,” the company said in a new advisory released today. The issue, tracked as CVE-2024-28987, is rated 9.1 on the CVSS scoring system, indicating critical severity. Horizon3.ai security researcher Zach Hanley has been credited with discovering and reporting the flaw. Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk (thehackernews.com): Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk cybersecurity 2024