Vulnerability Details : CVE-2020-10148
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.
Products affected by CVE-2020-10148
- cpe:2.3:a:solarwinds:orion_platform:2020.2:-:*:*:*:*:*:*
- cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5:*:*:*:*:*:*
- cpe:2.3:a:solarwinds:orion_platform:2020.2.1:hotfix1:*:*:*:*:*:*
CVE-2020-10148 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
SolarWinds Orion Authentication Bypass Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2020-10148
Added on
2021-11-03
Action due date
2022-05-03
Exploit prediction scoring system (EPSS) score for CVE-2020-10148
97.23%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-10148
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-08-01 |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2020-10148
-
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.Assigned by: nvd@nist.gov (Primary)
-
The product requires authentication, but the product has an alternate path or channel that does not require authentication.Assigned by: cret@cert.org (Secondary)
References for CVE-2020-10148
-
https://kb.cert.org/vuls/id/843464
VU#843464 - SolarWinds Orion API authentication bypass allows remote command executionThird Party Advisory;US Government Resource
-
https://www.solarwinds.com/securityadvisory
Security Advisory | SolarWindsVendor Advisory
Jump to