CVE-2020-10148 - OpenCVE

The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Solarwinds	Orion Platform

Configuration 1 [-]

OR	cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5::::::
	cpe:2.3:a:solarwinds:orion_platform:2020.2:-::::::
	cpe:2.3:a:solarwinds:orion_platform:2020.2.1:hotfix1::::::

No data.

References

Link	Providers
https://kb.cert.org/vuls/id/843464
https://www.kb.cert.org/vuls/id/843464
https://www.solarwinds.com/securityadvisory

History

No history.

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2020-12-29T21:55:16.195722Z

Updated: 2024-09-16T17:28:03.664Z

Reserved: 2020-03-05T00:00:00

Link: CVE-2020-10148

Vulnrichment

Updated: 2024-08-04T10:50:57.882Z

NVD

Status : Analyzed

Published: 2020-12-29T22:15:12.327

Modified: 2024-08-13T19:22:06.523

Link: CVE-2020-10148

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Orion Platform", "vendor": "SolarWinds", "versions": [{"status": "affected", "version": "2019.4 HF 5"}, {"status": "affected", "version": "2020.2 without hotfix"}, {"status": "affected", "version": "2020.2 HF 1"}]}], "datePublic": "2020-12-13T00:00:00", "descriptions": [{"lang": "en", "value": "The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-29T21:55:16", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.solarwinds.com/securityadvisory"}, {"name": "VU#843464", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "https://kb.cert.org/vuls/id/843464"}], "solutions": [{"lang": "en", "value": "Users should update to the relevant versions of the SolarWinds Orion Platform:\n\n2019.4 HF 6 (released December 14, 2020)\n2020.2.1 HF 2 (released December 15, 2020)\n2019.2 SUPERNOVA Patch (released December 23, 2020)\n2018.4 SUPERNOVA Patch (released December 23, 2020)\n2018.2 SUPERNOVA Patch (released December 23, 2020)"}], "source": {"discovery": "UNKNOWN"}, "title": "SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "SUNBURST", "ASSIGNER": "cert@cert.org", "DATE_PUBLIC": "2020-12-13T00:00:00.000Z", "ID": "CVE-2020-10148", "STATE": "PUBLIC", "TITLE": "SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Orion Platform", "version": {"version_data": [{"version_affected": "=", "version_name": "2019.4 HF 5", "version_value": "2019.4 HF 5"}, {"version_affected": "=", "version_name": "2020.2 without hotfix", "version_value": "2020.2 without hotfix"}, {"version_affected": "=", "version_name": "2020.2 HF 1", "version_value": "2020.2 HF 1"}]}}]}, "vendor_name": "SolarWinds"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"}]}]}, "references": {"reference_data": [{"name": "https://www.solarwinds.com/securityadvisory", "refsource": "CONFIRM", "url": "https://www.solarwinds.com/securityadvisory"}, {"name": "VU#843464", "refsource": "CERT-VN", "url": "https://kb.cert.org/vuls/id/843464"}]}, "solution": [{"lang": "en", "value": "Users should update to the relevant versions of the SolarWinds Orion Platform:\n\n2019.4 HF 6 (released December 14, 2020)\n2020.2.1 HF 2 (released December 15, 2020)\n2019.2 SUPERNOVA Patch (released December 23, 2020)\n2018.4 SUPERNOVA Patch (released December 23, 2020)\n2018.2 SUPERNOVA Patch (released December 23, 2020)"}], "source": {"discovery": "UNKNOWN"}}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.kb.cert.org/vuls/id/843464"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.solarwinds.com/securityadvisory"}, {"name": "VU#843464", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "https://kb.cert.org/vuls/id/843464"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:50:57.882Z"}}, {"affected": [{"vendor": "solarwinds", "product": "orion_platform", "cpes": ["cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2019.4", "status": "affected"}]}, {"vendor": "solarwinds", "product": "orion_platform", "cpes": ["cpe:2.3:a:solarwinds:orion_platform:2020.2.1:-:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2020.2.1", "status": "affected"}]}, {"vendor": "solarwinds", "product": "orion_platform", "cpes": ["cpe:2.3:a:solarwinds:orion_platform:2020.2:hotfix1:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2020.2", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-01T19:31:04.550116Z", "id": "CVE-2020-10148", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2021-11-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-10148"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-01T19:37:49.490Z"}}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2020-10148", "datePublished": "2020-12-29T21:55:16.195722Z", "dateReserved": "2020-03-05T00:00:00", "dateUpdated": "2024-09-16T17:28:03.664Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.kb.cert.org/vuls/id/843464"}, {"url": "https://www.solarwinds.com/securityadvisory", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://kb.cert.org/vuls/id/843464", "name": "VU#843464", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:50:57.882Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2020-10148", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-01T19:31:04.550116Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2021-11-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-10148"}}}], "affected": [{"cpes": ["cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5:*:*:*:*:*:*"], "vendor": "solarwinds", "product": "orion_platform", "versions": [{"status": "affected", "version": "2019.4"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:solarwinds:orion_platform:2020.2.1:-:*:*:*:*:*:*"], "vendor": "solarwinds", "product": "orion_platform", "versions": [{"status": "affected", "version": "2020.2.1"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:solarwinds:orion_platform:2020.2:hotfix1:*:*:*:*:*:*"], "vendor": "solarwinds", "product": "orion_platform", "versions": [{"status": "affected", "version": "2020.2"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-01T19:31:27.529Z"}}], "cna": {"title": "SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands", "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "SolarWinds", "product": "Orion Platform", "versions": [{"status": "affected", "version": "2019.4 HF 5"}, {"status": "affected", "version": "2020.2 without hotfix"}, {"status": "affected", "version": "2020.2 HF 1"}]}], "solutions": [{"lang": "en", "value": "Users should update to the relevant versions of the SolarWinds Orion Platform:\n\n2019.4 HF 6 (released December 14, 2020)\n2020.2.1 HF 2 (released December 15, 2020)\n2019.2 SUPERNOVA Patch (released December 23, 2020)\n2018.4 SUPERNOVA Patch (released December 23, 2020)\n2018.2 SUPERNOVA Patch (released December 23, 2020)"}], "datePublic": "2020-12-13T00:00:00", "references": [{"url": "https://www.solarwinds.com/securityadvisory", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://kb.cert.org/vuls/id/843464", "name": "VU#843464", "tags": ["third-party-advisory", "x_refsource_CERT-VN"]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-288", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"}]}], "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2020-12-29T21:55:16"}, "x_legacyV4Record": {"source": {"discovery": "UNKNOWN"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_name": "2019.4 HF 5", "version_value": "2019.4 HF 5", "version_affected": "="}, {"version_name": "2020.2 without hotfix", "version_value": "2020.2 without hotfix", "version_affected": "="}, {"version_name": "2020.2 HF 1", "version_value": "2020.2 HF 1", "version_affected": "="}]}, "product_name": "Orion Platform"}]}, "vendor_name": "SolarWinds"}]}}, "solution": [{"lang": "en", "value": "Users should update to the relevant versions of the SolarWinds Orion Platform:\n\n2019.4 HF 6 (released December 14, 2020)\n2020.2.1 HF 2 (released December 15, 2020)\n2019.2 SUPERNOVA Patch (released December 23, 2020)\n2018.4 SUPERNOVA Patch (released December 23, 2020)\n2018.2 SUPERNOVA Patch (released December 23, 2020)"}], "data_type": "CVE", "generator": {"engine": "Vulnogram 0.0.9"}, "references": {"reference_data": [{"url": "https://www.solarwinds.com/securityadvisory", "name": "https://www.solarwinds.com/securityadvisory", "refsource": "CONFIRM"}, {"url": "https://kb.cert.org/vuls/id/843464", "name": "VU#843464", "refsource": "CERT-VN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-10148", "AKA": "SUNBURST", "STATE": "PUBLIC", "TITLE": "SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands", "ASSIGNER": "cert@cert.org", "DATE_PUBLIC": "2020-12-13T00:00:00.000Z"}}}}, "cveMetadata": {"cveId": "CVE-2020-10148", "state": "PUBLISHED", "dateUpdated": "2024-09-16T17:28:03.664Z", "dateReserved": "2020-03-05T00:00:00", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "datePublished": "2020-12-29T21:55:16.195722Z", "assignerShortName": "certcc"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-05-03", "cisaExploitAdd": "2021-11-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "SolarWinds Orion Authentication Bypass Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5:*:*:*:*:*:*", "matchCriteriaId": "28A11AD1-B244-4725-90ED-0E656872004F", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:orion_platform:2020.2:-:*:*:*:*:*:*", "matchCriteriaId": "5857C0F0-37C5-4CF6-B921-7D5BFE065EAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:orion_platform:2020.2.1:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "60F65C7E-90D6-4BB5-BA76-593CD5786C95", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected."}, {"lang": "es", "value": "La API Orion de SolarWinds es vulnerable a una omisi\u00f3n de autenticaci\u00f3n que podr\u00eda permitir a un atacante remoto ejecutar comandos de la API. Esta vulnerabilidad podr\u00eda permitir a un atacante remoto omitir la autenticaci\u00f3n y ejecutar comandos de la API, lo que puede resultar en un compromiso de la instancia de SolarWinds. Las versiones 2019.4 HF 5, 2020.2 de SolarWinds Orion Platform sin revisi\u00f3n instalada y 2020.2 HF 1 est\u00e1n afectadas"}], "id": "CVE-2020-10148", "lastModified": "2024-08-13T19:22:06.523", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2020-12-29T22:15:12.327", "references": [{"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://kb.cert.org/vuls/id/843464"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "https://www.solarwinds.com/securityadvisory"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-288"}], "source": "cret@cert.org", "type": "Secondary"}]}