Description
SolarWinds Web Help Desk has a Java object deserialization vulnerability (based on the detected version). An unauthenticated attacker could send a specially crafted serialized request to execute arbitrary code on the system.
Remediation
Upgrade to the latest version of SolarWinds Web Help Desk.
References
Related Vulnerabilities
Oracle Business Intelligence Adfresource Path traversal CVE-2019-2588
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-19126)
TYPO3 Cryptographic Issues Vulnerability (CVE-2013-7075)
PHP Other Vulnerability (CVE-2021-21707)
WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-10101)