CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS
Percentile: 99.9%

The SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker to execute API commands.
The SolarWinds Orion Platform is a suite of infrastructure and system monitoring and management products. The SolarWinds Orion API is embedded into the Orion Core and is used to interface with all SolarWinds Orion Platform products. API authentication can be bypassed by including specific parameters in the Request.PathInfo portion of a URI request, which could allow an attacker to execute unauthenticated API commands. In particular, if an attacker appends a PathInfo parameter of WebResource.axd, ScriptResource.axd, i18n.ashx, or Skipi18n to a request to a SolarWinds Orion server, SolarWinds may set the SkipAuthorization flag, which may allow the API request to be processed without requiring authentication.
This vulnerability, also known as CVE-2020-10148, is the vulnerability that SolarWinds has indicated was used to install the malware known as SUPERNOVA.
We have created a Python 3 script to check for vulnerable SolarWinds Orion servers: swcheck.py
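For reviewing IIS logs for the PathInfo pattern described above, the following is an added example (it is not swcheck.py and not SolarWinds code). It assumes W3C-format logs with a `#Fields:` header and, as a heuristic, treats everything after the first path segment with a file extension as PathInfo; the sample log lines, paths and addresses are constructed.

```python
import re

# PathInfo markers named in the advisory (compared case-insensitively).
MARKERS = ("webresource.axd", "scriptresource.axd", "i18n.ashx", "skipi18n")

def path_info(uri_stem):
    """Assumed heuristic: PathInfo is whatever follows the first path
    segment that looks like a file resource (has an extension)."""
    segments = uri_stem.split("/")
    for i, seg in enumerate(segments):
        if re.search(r"\.[A-Za-z0-9]+$", seg):
            return "/".join(segments[i + 1:])
    return ""

def find_suspect_requests(log_lines):
    """Return W3C log records whose PathInfo contains an advisory marker."""
    fields, hits = [], []
    for line in log_lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # column names for the rows below
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        info = path_info(row.get("cs-uri-stem", "")).lower()
        if any(m in info for m in MARKERS):
            hits.append({k: row.get(k, "-") for k in
                         ("c-ip", "cs-uri-stem", "cs-username", "sc-status")})
    return hits

# Constructed sample log; paths and addresses are hypothetical.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query cs-username c-ip sc-status
2020-12-27 10:00:01 GET /WebResource.axd d=abc - 192.0.2.10 200
2020-12-27 10:00:02 GET /Example/Page.aspx - admin 192.0.2.11 200
2020-12-27 10:00:03 GET /Example/Handler.ashx/WebResource.axd - - 198.51.100.7 200
2020-12-27 10:00:04 POST /Example/Data.ashx/SkipI18N/x - - 198.51.100.7 200
2020-12-27 10:00:05 GET /Example/Page.aspx/i18n.ashx - - 198.51.100.8 401
""".splitlines()

if __name__ == "__main__":
    for hit in find_suspect_requests(SAMPLE_LOG):
        print(hit)
```

Hits are leads for review, not confirmation of compromise; a hit with `cs-username` of `-` and a 200 status deserves the closest look.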
This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance.
Apply an Update
Users should update to the relevant versions of the SolarWinds Orion Platform:
More information can be found in the SolarWinds Security Advisory.
Harden the IIS Server
Especially in cases when updates cannot be installed, we recommend that users implement these mitigations to harden the IIS server.
This document was written by Madison Oliver and Will Dormann.
843464
Notified: 2020-12-10
Updated: 2021-01-11
CVE-2020-10148: Affected
We have not received a statement from the vendor.
CVE IDs: CVE-2020-10148
Date Public: 2020-12-26
Date First Published: