Orion Platform@2020.2 Security Vulnerabilities and Issues — Orion Platform@2020.2 CVE List

Lucene search

SolarwindsOrion Platform2020.2

3 matches found

CVE•added 2020/12/29 10:15 p.m.•1077 views

CVE-2020-10148

The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds O...

9.8CVSS9.8AI score0.94345EPSS

CVE•added 2021/04/14 4:15 p.m.•44 views

CVE-2021-27258

This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restri...

9.8CVSS9.7AI score0.11234EPSS

CVE•added 2021/04/22 6:15 p.m.•34 views

CVE-2021-27277

This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific fl...

7.8CVSS7.9AI score0.02208EPSS