HTTP: SolarWinds Web Help Desk AjaxProxy Insecure Deserialization
This signature detects attempts to exploit a known vulnerability against SolarWinds. A successful attack can lead to arbitrary code execution.
Extended Description
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticatedvulnerability, SolarWinds has been unable to reproduce itwithout authenticationafter thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.
Affected Products
Solarwinds web_help_desk
References
CVE: CVE-2024-28988
Short Name
HTTP:CTS:SOLAR-WIND-AJX-PROXY
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
AjaxProxy CVE-2024-28986 CVE-2024-28988 Deserialization Desk Help Insecure SolarWinds Web
Release Date
09/20/2024
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3753
False Positive
Unknown
Vendors
Solarwinds