Code injection

2020-03-1819:15:00

PRIOn knowledge base

www.prio-n.com

9.7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%

JSON

An issue was discovered in ONAP SDC through Dublin. By accessing port 4000 of demo-sdc-sdc-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.

CPENameOperatorVersion
open_network_automation_platformge3.0.0
open_network_automation_platformlt4.0.0

CPE	Name	Operator	Version
	open_network_automation_platform	ge	3.0.0
	open_network_automation_platform	lt	4.0.0

References

jira.onap.org/browse/OJSI-10