Enhancement: cves/2020/CVE-2020-10148.yaml by mp

cves/2020/CVE-2020-10148.yaml

@@ -1,17 +1,17 @@
 id: CVE-2020-10148
 
 info:
-  name: SolarWinds Orion API Auth Bypass Leads to RCE (SUPERNOVA)
+  name: SolarWinds Orion API - Auth Bypass
   author: dwisiswant0
   severity: critical
   description: |
-    This template could allow to bypass authentication and execute API
-    commands which may result in a compromise of the SolarWinds instance.
+    SolarWinds Orion API is vulnerable to an authentication bypass vulnerability that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.
   reference:
     - https://kb.cert.org/vuls/id/843464
     - https://github.com/jaeles-project/jaeles-signatures/blob/master/cves/solarwinds-lfi-cve-2020-10148.yaml
     - https://gist.github.com/0xsha/75616ef6f24067c4fb5b320c5dfa4965
     - https://twitter.com/0xsha/status/1343800953946787847
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-10148
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -43,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/16