Join us for The Remediation Summit on Dec. 9
Register for Free

CVE-2020-10148

The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.

  • OS
    Any OS
  • Version
    Any Version
  • Type
    Any Type

3 fixes found:

    Version Update

    [SECURITY] [DLA 2509-1] tzdata new upstream version
    Published Date:Dec 29, 2020
    Updated Date:Dec 29, 2020
    Source:Debian9
    Affected Packages:

    tzdata-2020e

    Version Update

    [SECURITY] [DLA 2510-1] libdatetime-timezone-perl new upstream release
    Published Date:Dec 29, 2020
    Updated Date:Dec 29, 2020
    Source:Debian9
    Affected Packages:

    libdatetime-timezone-perl-2.09

  • Version Update

    SolarWinds Security Advisory
    Published Date:Dec 29, 2020
    Updated Date:Dec 29, 2020
    Source:SolarWinds