Use of Hard-coded Cryptographic Key
CVE-2024-28989
Summary
SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the disclosure of sensitive information from the software.
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- HIGH
- NONE
CWE-321 - Use of Hard-coded Cryptographic Key
The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.
References
Advisory Timeline
- Published
