SolarWinds Orion API Auth bypass (CVE-2020-10148)
Description
Invicti determined that it was possible to access SolarWinds Orion's sensitive files without authentication with a specially crafted HTTP request.
Remediation
Upgrade to the latest version of SolarWinds Orion