CVE-2020-10148

GPTKB entity

Statements (21)
Predicate Object
gptkbp:instanceOf CVE Identifier
gptkbp:affects gptkb:SolarWinds_Orion_Platform
gptkbp:describes An authentication bypass vulnerability in the SolarWinds Orion API that could allow a remote attacker to execute API commands.
gptkbp:exploits Yes
gptkbp:hasCVSSScore 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
gptkbp:hasCWE gptkb:CWE-288
gptkbp:hasPatchAvailable Yes
gptkbp:hasSeverity Critical
https://www.w3.org/2000/01/rdf-schema#label CVE-2020-10148
gptkbp:isRemoteExploit Yes
gptkbp:publicDisclosure 2020-12-14
gptkbp:referencedIn https://nvd.nist.gov/vuln/detail/CVE-2020-10148
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
https://www.solarwinds.com/securityadvisory
gptkbp:vulnerableTo gptkb:Authentication_Bypass
gptkbp:bfsParent gptkb:2020_SolarWinds_cyberattack
gptkb:Solorigate
gptkb:SUNBURST
gptkb:Orion_supply_chain_attack
gptkbp:bfsLayer 7