Mitigation Instructions for CVE-2024-28987
Subject: Mitigating CVE-2024-28987: Hardcoded Credentials Vulnerability in SolarWinds Web Help Desk
1 min read
CyRisk Vulnerability Management Team : Feb 22, 2024 2:03:26 PM
SUBJECT: CVE-2023-44487 Uncontrolled Resource Consumption
TECH STACK:
DATE(S) ISSUED: 10/10/2023
NVD Last Modified: 02/02/2024
CRITICALITY: HIGH (CVE Base Score: 7.5)
OVERVIEW:
This vulnerability affects the HTTP/2 Protocol, widely used for web communication. It allows attackers to send rapid requests and cancellations, consuming server resources and potentially causing denial-of-service (DoS), exploited in October 2023, causing record-breaking DoS attacks.
ATTACK MECHANISMS:
AFFECTED SYSTEMS:
MITIGATION SOLUTION:
Confirmation & Additional Information:
REFERENCES:
Third Party Advisories:
Subject: Mitigating CVE-2024-28987: Hardcoded Credentials Vulnerability in SolarWinds Web Help Desk
Subject: Mitigating CVE-2017-1000486: Remote Code Execution Vulnerability in PrimeTek PrimeFaces
Subject: Mitigating Vulnerability in Unsupported Drupal 8.x