Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Very High

CVE-2020-10148 SolarWinds Orion API authentication bypass and RCE

Disclosure Date: December 29, 2020 (last updated August 02, 2024)
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.