Mitigation Instructions for CVE-2024-28987
Subject: Mitigating CVE-2024-28987: Hardcoded Credentials Vulnerability in SolarWinds Web Help Desk
1 min read
CyRisk Vulnerability Management Team : Jul 12, 2024 4:58:31 PM
Subject: PHP 5.6.x < 5.6.7 Multiple Vulnerabilities
Tech Stack:
Date Issued:
Criticality:
Overview:
Attack Mechanisms:
unserialize
function to execute arbitrary code.regcomp
(CVE-2015-2305):
_zip_cdir_new
(CVE-2015-2331):
move_uploaded_file
(CVE-2015-2348):
process_nested_data
(CVE-2015-2787):
SoapClient::__call
(CVE-2015-4147, CVE-2015-4148):
Affected Systems:
Mitigation Solution:
References:
Subject: Mitigating CVE-2024-28987: Hardcoded Credentials Vulnerability in SolarWinds Web Help Desk
Subject: Mitigating CVE-2017-1000486: Remote Code Execution Vulnerability in PrimeTek PrimeFaces
Subject: Mitigating Vulnerability in Unsupported Drupal 8.x