22 matches found
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF descriptor. An attacker may be able execute code to change the normal execution of the OSM components,...
EUVD-2024-54817
Malicious code in bioql PyPI...
EUVD-2024-54816
Malicious code in bioql PyPI...
CVE-2024-48730
The default configuration in ETSI Open-Source MANO OSM v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges...
CVE-2024-48729
An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...
CVE-2024-48730
The default configuration in ETSI Open-Source MANO OSM v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges...
CVE-2024-48729
An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...
CVE-2024-48729
An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...
CVE-2024-48730
CVE-2024-48730 affects ETSI Open-Source MANO (OSM) versions 14.x–17.x. The issue arises from a default admin account that does not limit authentication attempts, enabling a remote attacker to escalate privileges. Evidence in multiple feeds (including Red Hat and CNNVD/CVE records) confirms the co...
CVE-2024-48729
The CVE-2024-48729 issue affects ETSI Open-Source MANO (OSM) versions 14.x (before 14.0.3), 15.x (before 15.0.2), 16.0.0, and 17.0.0. A remote authenticated attacker can escalate privileges via the /osm/admin/v1/users component. The connected sources confirm the vulnerability path but do not prov...
CVE-2024-48730
The default configuration in ETSI Open-Source MANO OSM v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges...
CVE-2024-48730
The default configuration in ETSI Open-Source MANO OSM v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges...
CVE-2024-48729
An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...
PT-2025-30845 · Etsi · Etsi Open-Source Mano
Name of the Vulnerable Software and Affected Versions: ETSI Open-Source MANO OSM versions 14.x through 15.x Description: An issue allows a remote attacker to escalate privileges via the /osm/admin/v1/users component. Recommendations: ETSI Open-Source MANO OSM versions 14.x and 15.x are affected. ...
PT-2025-30846 · Etsi · Etsi Open-Source Mano
Name of the Vulnerable Software and Affected Versions: ETSI Open-Source MANO OSM versions 14.x through 15.x Description: The software does not impose restrictions on authentication attempts performed by an administrator user, potentially allowing a remote attacker to escalate privileges...
Open Source MANO 安全漏洞
Open Source MANO OSM is an open source software for managing and coordinating future networks from Open Source MANO, Inc. A security vulnerability exists in Open Source MANO OSM versions 14.x and 15.x, which originates in the /osm/admin/v1/users component could lead to elevation of privilege...
Open Source MANO 安全漏洞
Open Source MANO OSM is an open source software for managing and orchestrating future networks from Open Source MANO, Inc. A security vulnerability exists in Open Source MANO OSM versions 14.x and 15.x that stems from an unrestricted administrator authentication attempt that could result in...
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF descriptor. An attacker may be able execute code to change the normal execution of the OSM components,...
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF descriptor. An attacker may be able execute code to change the normal execution of the OSM components,...
PT-2024-11595 · Unknown · Open Source Mano
Name of the Vulnerable Software and Affected Versions: Open Source MANO versions 7 through 12 Description: The issue is related to improper verification of user input, allowing an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF...