CNNVD-202507-3590 Information
CNNVD ID
CNNVD-202507-3590
Related CVE
- CNNVD Published: 2025-07-29
Description (Chinese)
SolarWinds Web Help Desk是美国SolarWinds公司的一套服务台和资产管理软件。该软件支持集中式知识库、IT资产管理、项目和任务管理等功能。 SolarWinds Web Help Desk存在代码问题漏洞,该漏洞源于XML外部实体注入,可能导致信息泄露。
Description (English)
SolarWinds Web Help Desk is a service desk and asset management software for SolarWinds in the United States. The software supports functions such as a centralized knowledge base, IT asset management, project and task management. SolarWinds Web Help Desk has a code breach that originates from the injection of an outside XML entity and could lead to the disclosure of information.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
SolarWinds
Published
2025-07-29
Last Modified
2026-02-24
References
https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_12-8-7_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26400
Patch
https://www.solarwinds.com/trust-center/security-advisories/cve-2025-26400
Share on: