{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-26400", "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "state": "PUBLISHED", "assignerShortName": "SolarWinds", "dateReserved": "2025-02-08T00:19:09.395Z", "datePublished": "2025-07-29T08:07:38.230Z", "dateUpdated": "2025-07-29T13:47:18.609Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Web Help Desk", "vendor": "SolarWinds", "versions": [{"status": "affected", "version": "12.8.6 and previous versions"}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "DieuLink, Nhiephon, and chung96vn from GCSC Vietnam"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. A valid, low-privilege access is required unless the attacker had access to the local server to modify configuration files."}], "value": "SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. A valid, low-privilege access is required unless the attacker had access to the local server to modify configuration files."}], "impacts": [{"capecId": "CAPEC-201", "descriptions": [{"lang": "en", "value": "CAPEC-201 XML Entity Linking"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2025-07-29T08:07:38.230Z"}, "references": [{"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26400"}, {"url": "https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_12-8-7_release_notes.htm"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "SolarWinds recommends customers upgrade to Web Help Desk version 12.8.7 as soon as is practical.<br>"}], "value": "SolarWinds recommends customers upgrade to Web Help Desk version 12.8.7 as soon as is practical."}], "source": {"discovery": "EXTERNAL"}, "title": "SolarWinds Web Help Desk XML External Entity Injection (XXE) Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-29T13:47:11.601984Z", "id": "CVE-2025-26400", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-29T13:47:18.609Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-26400", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-29T13:47:11.601984Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-29T13:47:14.712Z"}}], "cna": {"title": "SolarWinds Web Help Desk XML External Entity Injection (XXE) Vulnerability", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "DieuLink, Nhiephon, and chung96vn from GCSC Vietnam"}], "impacts": [{"capecId": "CAPEC-201", "descriptions": [{"lang": "en", "value": "CAPEC-201 XML Entity Linking"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SolarWinds", "product": "Web Help Desk", "versions": [{"status": "affected", "version": "12.8.6 and previous versions"}], "defaultStatus": "affected"}], "solutions": [{"lang": "en", "value": "SolarWinds recommends customers upgrade to Web Help Desk version 12.8.7 as soon as is practical.", "supportingMedia": [{"type": "text/html", "value": "SolarWinds recommends customers upgrade to Web Help Desk version 12.8.7 as soon as is practical.<br>", "base64": false}]}], "references": [{"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26400"}, {"url": "https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_12-8-7_release_notes.htm"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. A valid, low-privilege access is required unless the attacker had access to the local server to modify configuration files.", "supportingMedia": [{"type": "text/html", "value": "SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. A valid, low-privilege access is required unless the attacker had access to the local server to modify configuration files.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2025-07-29T08:07:38.230Z"}}}, "cveMetadata": {"cveId": "CVE-2025-26400", "state": "PUBLISHED", "dateUpdated": "2025-07-29T13:47:18.609Z", "dateReserved": "2025-02-08T00:19:09.395Z", "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "datePublished": "2025-07-29T08:07:38.230Z", "assignerShortName": "SolarWinds"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:web_help_desk:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE441DEF-EFE1-47A6-A542-40B493D72AEF", "versionEndExcluding": "12.8.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. A valid, low-privilege access is required unless the attacker had access to the local server to modify configuration files."}, {"lang": "es", "value": "Se inform\u00f3 que SolarWinds Web Help Desk se vio afectado por una vulnerabilidad de inyecci\u00f3n de entidades externas XML (XXE) que podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n. Se requiere un acceso v\u00e1lido con privilegios bajos, a menos que el atacante tuviera acceso al servidor local para modificar los archivos de configuraci\u00f3n."}], "id": "CVE-2025-26400", "lastModified": "2025-11-17T16:11:59.000", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "psirt@solarwinds.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-07-29T08:15:26.053", "references": [{"source": "psirt@solarwinds.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_12-8-7_release_notes.htm"}, {"source": "psirt@solarwinds.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26400"}], "sourceIdentifier": "psirt@solarwinds.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "psirt@solarwinds.com", "type": "Primary"}]}

{}

{"created": "2025-07-30T06:15:21.730581+00:00", "updated": "2025-07-30T06:15:21.730642+00:00", "vendors": ["solarwinds", "solarwinds$PRODUCT$web_help_desk"]}