Web Help Desk 12.7.6 release notes
Release date: August 20, 2021
These release notes were last updated on September 13, 2021.
These release notes describe the new features, improvements, and fixed issues in Web Help Desk 12.7.6. They also provide information about upgrades and describe workarounds for known issues.
Learn more
- If you are looking for previous Web Help Desk release notes, see Previous Version documentation.
- If you are looking for a hotfix, see Web Help Desk Hotfixes. This release includes all hotfixes from the previous version.
- If you are looking for a Knowledge Base (KB) article, see the SolarWinds Success Center.
New features and improvements
Web Help Desk 12.7.6 offers new enhancements and improvements compared to previous releases.
Updated Apache Tomcat
This release includes Apache Tomcat 9.0.48, which provides additional enhancements to further harden the application. This version replaces Tomcat 9.0.43, which is no longer supported.
Tomcat is an open source software product that creates both a web and application server for your enterprise.
Internal improvements
This release includes additional updates that improve the product stability and functionality.
New customer installation
See the Web Help Desk Installation and Upgrade Guide for details about installing Web Help Desk. After you complete the installation, see the Web Help Desk Getting Started Guide. This guide picks up right after the installation process and walks you through the initial steps you need to start using the application.
Web Help Desk no longer includes the additional configuration files required to enable Federal Information Processing Standards (FIPS) mode in the application. To install Web Help Desk and enable FIPS, see Enable FIPS in a new deployment located in the Web Help Desk Administrator Guide.
To install Web Help Desk 12.7.6 with FIPS mode disabled, install version 12.7.6 on the host server. When the installation is completed, enable FIPS mode.
SQL Server database collation requirements
If you plan to use a Microsoft SQL Server database for your deployment, verify that the server collation in your database is set to case insensitive before you run the installer. If it is set to case sensitive, create a new case insensitive database using SQL Server Management Studio.
See Prepare your Web Help Desk database in the Web Help Desk Administrator Guide for details.
How to upgrade
If you are upgrading from a previous version, see the Web Help Desk Installation and Upgrade Guide. This guide provides steps and procedures for installing and upgrading Web Help Desk in an evaluation, stand-alone, or integrated Orion deployment.
Upgrade your FIPS deployment
If FIPS is enabled in your Web Help Desk 12.7.2 through 12.7.4 deployment, copy the following files to another location before you upgrade:
<WebHelpDesk>\bin\nss-x64<WebHelpDesk>\conf\additional\fips-140-2
When you are finished, upgrade to 12.7.5, and then upgrade to 12.7.6.
See the Web Help Desk Installation and Upgrade Guide for details.
Install the MySQL JDBC driver
Beginning with Web Help Desk 12.7.1, Oracle Java is replaced with the Open Java Development Kit (OpenJDK). This update modifies the directory structure where the MySQL Java Database Connectivity (JDBC) driver is installed. To prevent errors after the upgrade, install the driver on your host server in the new location to prevent errors in the application after the upgrade.
Upgrade your Apache Tomcat software
The software installer includes Apache Tomcat 9.0.48, which provides enhanced security and is required for this release.
When you upgrade your Web Help Desk software, the upgrade procedure replaces the <WebHelpDesk>\conf\tomcat_web_template.xml file with an updated file that includes the Tomcat 9.0.48 settings.
Before you upgrade, back up your current tomcat_web_template.xml file to an external directory. When the upgrade is completed, add your personal settings to the updated file from your backup file.
Fixed issues
Web Help Desk 12.7.6 fixes the following issues.
| Case Number | Description |
|---|---|
|
00160912 00541462 00843890 |
Look & Feel no longer displays code when you click Refresh Preview. |
|
N/A |
A broken logo link no longer displays in the Web Help Desk Administrator Console when you create a new logo in Look & Feel. |
|
N/A |
Changing the ticket priority from a pop-up note no longer generates an error. |
|
00349376 00804837 |
Techs no longer receive two email notifications from an Orion integration alert. |
|
00515558 00833258 |
Bullet lists now display correctly in an FAQ. |
|
00545110 |
Content Security Policy headers were added for further application hardening. |
|
00486229 00545529 |
Ticket with Arabic characters no longer display random characters in an exported TSV file. |
|
00550642 |
A ticket with pending checklist items no longer closes automatically when the status is changed to Resolved. |
|
00734875 |
Arabian characters now display correctly in a Google Chrome of Microsoft Edge web browser. |
|
00779800 |
The ticket dashboard now displays chart results in the proper order. |
|
00794196 |
The History tab in the client interface now displays the correct custom date field and allows users to add comments as needed. |
|
00787966 |
You can now search by company, location, and location custom field. |
|
00759940 |
Techs with limited permissions can now log in to Web Help Desk without generating an error. |
|
00763185 00769907 |
An error no longer displays when you open Ticket View from the My Tickets tab. |
|
00751853 |
Action rules are now applied correctly to Orion Alert tickets. |
|
00759940 |
You no longer need to add the tech password when editing a tech profile. |
|
00549324 00657215 |
A tech account is no longer locked out when you use the Web Help Desk Discovery Engine (WMI). |
|
00779376 |
The Inventory import now updates automatically in the part index. |
|
00806759 |
When you open a ticket from a calendar link, the ticket now includes the correct linked parent ticket. |
|
00781086 00809152 00810240 |
Request type now display in order in the administrator console. |
|
00806352 00815251 |
LDAP connections now work correctly after upgrading to Web Help Desk 12.7.5. |
|
00814207 |
Child ticket notes in a parent ticket now display correctly in the Client view. |
|
00791113 00815464 |
Logging in to Web Help Desk using Google G-Suite with SAML no longer generates an error. |
|
00818916 00825466 00825514 00828748 00845959 |
Backing up the PostgreSQL database no longer generates an error after you upgrade the application or change the default user account. |
|
00825179 |
Special characters now display correctly in a TSV report. |
|
00706166 |
Configuring an incoming email account for Office 365 using Open Authentication (OAuth) no longer generates an error. |
|
00824268 |
HTML tags no longer display in the Ticket Update summary. |
|
00827311 |
In a ticket, the Client check box under Recipients is no longer disabled. |
|
00837591 |
The Client interface now displays all FAQ pages when you click Show Details in an FAQ. |
|
00843876 |
Error messages generated during an asset import now display with visible characters. |
|
00839804 |
Client administrators who manage over 2,100 locations on a Web Help Desk with a Microsoft SQL Server database can now view tickets on the History page. |
|
00851854 |
All comments entered by a tech now display correctly in the ticket. |
|
00844303 |
You can now select or deselect all request types in the ticket custom fields. |
|
00842087 |
When you create a new ticket request type, the text entered in the Detailed Instructions box now displays as blue text above the Request Detail field. |
|
00842822 00843948 00851733 00858405 |
The ticket request types now display in alphabetical order. |
|
00850182 |
Greek characters now display correctly in a ticket when using the email option. |
|
00847005 |
Updating a user profile in the Client interface no longer generates an error. |
|
00800567 |
Viewing tickets in the Client interface no longer generates an error. |
CVE issues
SolarWinds would like to thank our Security Researchers below for reporting on this issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.
| CVE-ID | Vulnerability Title | Description | Severity | Credit |
|---|---|---|---|---|
| CVE-2021-32076 | Access Restriction bypass via referrer spoof - Business Logic Bypass: WHD 12.7.2 | While performing penetration testing, it was observed that an attacker can access the “Web Help Desk Getting Started Wizard,” especially the admin account creation page, from non-privileged IP range or loopback by interception of the http request and changing the referrer from the public IP to the loopback “http://127.0.0.1:8081.” | Medium | Moaaz Taha |
Legal notices
© 2021 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.