Vulnerability Description
SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. SolarWinds has removed this input field to prevent the misuse of this input in the future.
CVSS Score
8.2
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Solarwinds | Webhelpdesk | < 12.7.8 |
Related Weaknesses (CWE)
References
- https://support.solarwinds.com/SuccessCenter/s/article/Web-Help-Desk-12-7-8-HotfMitigationRelease NotesVendor Advisory
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35254PatchVendor Advisory
- https://support.solarwinds.com/SuccessCenter/s/article/Web-Help-Desk-12-7-8-HotfMitigationRelease NotesVendor Advisory
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35254PatchVendor Advisory
FAQ
What is CVE-2021-35254?
CVE-2021-35254 is a vulnerability with a CVSS score of 8.2 (HIGH). SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. SolarWinds has removed this input field to prevent the misuse of this input in the future.
How severe is CVE-2021-35254?
CVE-2021-35254 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-35254?
Check the references section above for vendor advisories and patch information. Affected products include: Solarwinds Webhelpdesk.