CVE-2024-28987 SolarWinds CVE debrief

Who should care

Organizations that use SolarWinds Web Help Desk, especially security operations teams, system administrators, vulnerability management teams, and asset owners responsible for internet-facing or internally deployed help desk systems.

Technical summary

The available source corpus identifies CVE-2024-28987 as a hardcoded credential issue in SolarWinds Web Help Desk. CISA recorded it in KEV on 2024-10-15 with a remediation due date of 2024-11-05 and directs affected organizations to follow vendor mitigation guidance or stop using the product if no mitigations are available.

Defensive priority

Critical

Recommended defensive actions

• Check whether SolarWinds Web Help Desk is deployed anywhere in your environment, including test and auxiliary systems.
• Review the SolarWinds security advisory for CVE-2024-28987 and apply any vendor-provided mitigations immediately.
• If mitigations are not available or cannot be applied quickly, discontinue use of the product per CISA guidance.
• Validate whether any exposed credentials or related access paths need to be rotated or removed as part of your response plan.
• Track remediation against the CISA KEV due date of 2024-11-05 and verify completion with asset owners.

Evidence notes

This debrief is grounded in the supplied CISA KEV entry and the official references provided in the corpus: the SolarWinds advisory link and the NVD record. The corpus identifies the vulnerability name, vendor, product, KEV status, dateAdded of 2024-10-15, and dueDate of 2024-11-05. No CVSS score was supplied.

Official resources