Vulnerability: Hard Coded Credentials in SolarWinds Web Help Desk

Vulnerability: Hard Coded Credentials in SolarWinds Web Help Desk

CVE-2021-35232 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users or insert arbitrary data into the database.

Learn more about our Web App Pen Testing.