Statements (20)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:CVE_Identifier
|
| gptkbp:affects |
gptkb:SolarWinds_Orion_Platform
|
| gptkbp:describes |
An authentication bypass vulnerability in the SolarWinds Orion API that could allow a remote attacker to execute API commands.
|
| gptkbp:exploits |
Yes
|
| gptkbp:hasCVSSScore |
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| gptkbp:hasCWE |
gptkb:CWE-288
|
| gptkbp:hasPatchAvailable |
Yes
|
| gptkbp:hasSeverity |
Critical
|
| gptkbp:isRemoteExploit |
Yes
|
| gptkbp:publicDisclosure |
2020-12-14
|
| gptkbp:referencedIn |
https://nvd.nist.gov/vuln/detail/CVE-2020-10148
https://us-cert.cisa.gov/ncas/alerts/aa20-352a https://www.solarwinds.com/securityadvisory |
| gptkbp:vulnerableTo |
gptkb:Authentication_Bypass
|
| gptkbp:bfsParent |
gptkb:2020_SolarWinds_cyberattack
gptkb:SUNBURST gptkb:Orion_supply_chain_attack |
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2020-10148
|