CVE-2020-10148 SolarWinds Orion API authentication bypass and RCE

Disclosure Date: December 29, 2020 (last updated January 04, 2021)
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This API is a central part of the Orion platform and has highly privileged access to all Orion platform components.

API authentication can be bypassed by including specific parameters in the `Request.PathInfo` portion of a URI request, which could allow an attacker to execute API commands without authenticating. In particular, if an attacker appends a `PathInfo` parameter of WebResource.adx, ScriptResource.adx, i18n.ashx, or Skipi18n to a request to a SolarWinds Orion server, SolarWinds may set the `SkipAuthorization` flag, which may allow the API request to be processed without requiring authentication.

Patches are available, and as of 2020-12-24 organizations should be on one of the following versions to mitigate this weakness:

- 2019.4 HF 6 (released December 14, 2020)
- 2020.2.1 HF 2 (released December 15, 2020)
- 2019.2 SUPERNOVA Patch (released December 23, 2020)
- 2018.4 SUPERNOVA Patch (released December 23, 2020)
- 2018.2 SUPERNOVA Patch (released December 23, 2020)

Please see the following resources for more information:
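For defenders hunting for attempts to trigger this bypass in web server logs, the following is an added example (not part of this advisory or SolarWinds' code) that scans constructed IIS W3C-format log lines for the four `PathInfo` markers named above. It assumes the `#Fields:` header layout shown in the sample, and uses the heuristic that a marker appearing after a handler segment (one containing a `.`) or not as the final segment is `PathInfo` rather than a normally served resource; tune that allowlist logic for your deployment.

```python
from urllib.parse import unquote

# PathInfo values the advisory says may cause SkipAuthorization to be set
BYPASS_MARKERS = {"webresource.adx", "scriptresource.adx", "i18n.ashx", "skipi18n"}

# Constructed IIS W3C log sample (not real telemetry); handler names are made up
SAMPLE_LOG = """#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2020-12-20 10:01:02 GET /Orion/Login.aspx - 10.0.0.5 200
2020-12-20 10:01:05 POST /Orion/Handler.asmx/WebResource.adx - 198.51.100.7 200
2020-12-20 10:01:07 GET /Orion/i18n.ashx - 10.0.0.9 200
2020-12-20 10:01:09 GET /api/v1/Handler.svc/Skipi18n - 198.51.100.7 200
2020-12-20 10:01:12 GET /Orion/Handler.asmx/Script%52esource.adx - 198.51.100.7 200
"""

def parse_w3c(text):
    """Yield one dict per log record, keyed by the names in the #Fields: header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split()))

def marker_in_pathinfo(stem):
    """Return the bypass marker if it sits in PathInfo, else None.
    Heuristic (assumption): a preceding segment containing '.' is the real handler,
    so a marker after it is PathInfo; a marker that is itself the final, only
    dotted segment (e.g. /Orion/i18n.ashx) is treated as a normal resource request."""
    segs = [s.lower() for s in unquote(stem).split("/") if s]  # decode %xx first
    for i, seg in enumerate(segs):
        if seg in BYPASS_MARKERS:
            preceded_by_handler = any("." in prev for prev in segs[:i])
            if preceded_by_handler or i < len(segs) - 1:
                return seg
    return None

def find_bypass_attempts(text):
    """Return records whose URI stem carries a bypass marker in PathInfo."""
    hits = []
    for rec in parse_w3c(text):
        marker = marker_in_pathinfo(rec["cs-uri-stem"])
        if marker:
            hits.append({"time": rec["date"] + " " + rec["time"], "ip": rec["c-ip"],
                         "stem": rec["cs-uri-stem"], "marker": marker})
    return hits

if __name__ == "__main__":
    for hit in find_bypass_attempts(SAMPLE_LOG):
        print(hit)
```

A hit is only an indicator of an attempt; correlate with the server's patch level and the response status before treating it as a successful bypass.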