PT-2026-5076 · Solarwinds · Solarwinds Web Help Desk
Published
2026-01-28
·
Updated
2026-05-04
·
CVE-2025-40554
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
SolarWinds Web Help Desk versions 12.8.8 HF1 and earlier
Description
SolarWinds Web Help Desk is affected by an authentication bypass issue. Successful exploitation could allow a remote attacker to bypass security restrictions and perform specific actions within Web Help Desk. The issue relates to flaws in the authentication procedure.
Recommendations
Versions prior to 12.8.8 HF1 should be updated.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Solarwinds Web Help Desk