CVE advisoryKnown Exploit
CVE-2020-10148
SolarWinds Orion API Authentication Bypass
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
The SolarWinds Orion API has an authentication bypass vulnerability, allowing remote attackers to execute commands and potentially compromise the instance. This poses a significant business risk to affected organizations by enabling unauthorized access and control over systems.