ONAP Logging Access Control Error Vulnerability

ONAP Logging is a logger in the ONAP network management system from the ONAP project. An access control error vulnerability exists in ONAP Logging Dublin and previous versions. An attacker can exploit this vulnerability to gain full privileges to the ONAP service without authentication via ports...

ONAP SO Authorization Issue Vulnerability

ONAP SO is a service orchestration program for ONAP from the ONAP project. An authorization issue vulnerability exists in ONAP SO Dublin and prior versions. An attacker can use ports 30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271 to gain full privileges to the ONAP service...

CVE-2019-12129

In ONAP MSB through Dublin, by accessing an applicable port 30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271, an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager OOM setups are affected...

ONAP SDNC Operating System Command Injection Vulnerability (CNVD-2020-28056)

The ONAP SDNC is a network-defined network controller from the ONAP program. ONAP SDNC suffers from an operating system command injection vulnerability. An attacker can exploit this vulnerability to execute arbitrary commands with the help of a specially crafted 'filename' parameter...