WHD 12.8.3 Hotfix 3 release notes
Release date: October 15, 2024
Web Help Desk 12.8.3 Hotfix 3 provides bug and security fixes for release 12.8.3. It also provides enhancements and other fixes. For information about the 12.8.3 release, including EOL notices and upgrade information, see 12.8.3 Release Notes.
New features and improvements in WHD
Last updated:
Enhanced localization support
Canned response templates now support localization.
Fixes
Last updated:
| Case number | Description |
|---|---|
| 01746319, 01750250 | Clients can now access older tickets on the client UI. |
| 01748857 | BB Code is supported in canned response templates. |
|
01751747, 01757596, 01760495, 01759118 |
Added All/Specific option for Status Type selection in canned response templates. |
| 01741917, 01757596 | Email Templates now appear on all Ticket Update Emails instead of Canned Responses. |
| 01733271, 01758653 | Resolved issue with non-admin users being able to see all tickets, including deleted ones. |
| 01550538, 01673485 | Resolved issue with JVM argument to allow users to opt out of IP binding enforcement. |
| 01736325, 01733113 | Resolved error in WHD 12.8.3 Hotfix 2 created when authorizing incoming mail account for Gmail. |
| 01748114, 01758968 | Web Help Desk FAQ Issues. |
| 01748587, 01746456, 01748154, 01739671, 01763410, 01763692, 01763712 | Added password reset url regex. |
CVEs
Last updated: October 7th, 2024
SolarWinds would like to thank our Security Researchers below for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.
SolarWinds CVEs
| CVE-ID | Vulnerability Title | Description | Severity | Credit |
|---|---|---|---|---|
| CVE-2024-28988 | SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability (CVE-2024-28988) | SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing this report. The ZDI team was able to discover an unauthenticated attack during their research. We recommend all Web Help Desk customers apply the patch, which is now available. | 9.8 Critical | Guy Lederfein of Trend Micro |
Installation or upgrade
Last updated:
For new installations, you can download the installer from the SolarWinds website or from the Customer Portal. For more information, see the WHD Installation and Upgrade Guide.
After you complete the installation, see the WHD Getting Started Guide. This guide picks up right after the installation process and walks you through the initial steps you need to take to start using the application.
WHD supports Windows Server 2019 and 2022 for production environments and Windows 11 for trial evaluations. These operating system require additional setup to install. See the WHD Installation and Upgrade Guide for instructions.
To install WHD and enable FIPS, see Enable FIPS in a new deployment in the WHD Administrator Guide.
WHD no longer includes the additional configuration files required to enable Federal Information Processing Standards (FIPS) mode in the application. To install WHD and enable FIPS, see Enable FIPS in a new deployment in the WHD Administrator Guide.
If you are installing WHD 12.7.12 with FIPS mode disabled, make sure version 12.7.9 is running on the host server before you install. When the installation is completed, enable FIPS mode.
For upgrades, use the WHD Installation and Upgrade Guide to plan and execute your upgrade. When you are ready, download the upgrade package from the SolarWinds Customer Portal.
Legal notices
© 2024 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.