Authentication flaw

In ONAP MSB through Dublin, by accessing an applicable port 30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271, an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager OOM setups are affected...

Authentication flaw

In ONAP CLI through Dublin, by accessing an applicable port 30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271, an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager OOM setups are affected...

CVE-2019-12120

An issue was discovered in ONAP VNFSDK through Dublin. By accessing port 8000 of demo-vnfsdk-vnfsdk, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...

CVE-2019-12117

An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...

CVE-2019-12119

An issue was discovered in ONAP SDC through Dublin. By accessing port 7000 of demo-sdc-sdc-wfd-fe pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...

CVE-2019-12114

An issue was discovered in ONAP HOLMES before Dublin. By accessing port 9202 of dep-holmes-engine-mgmt pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...

CVE-2019-12116

An issue was discovered in ONAP SDC through Dublin. By accessing port 6000 of demo-sdc-sdc-fe pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...

CVE-2019-12115

An issue was discovered in ONAP SDC through Dublin. By accessing port 4000 of demo-sdc-sdc-be pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...

CVE-2019-12118

An issue was discovered in ONAP SDC through Dublin. By accessing port 7001 of demo-sdc-sdc-wfd-be pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...

Code injection

An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...

Pivotal Software Pivotal Operations Manager Cross-Site Scripting Vulnerability

Pivotal Software Pivotal Operations Manager is a Cloud Foundry automated management solution from Pivotal Software, USA. The solution automates the deployment, upgrade and management of the Cloud Foundry platform. A cross-site scripting vulnerability exists in Pivotal Software Pivotal Operations...

CVE-2019-3776 Reflected XSS in Pivotal Operations Manager

Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with...

CVE-2019-3776

Vulnerability summary (CVE-2019-3776) : Pivotal Operations Manager is affected by a reflected cross-site scripting vulnerability in several versions (2.1.x before 2.1.20, 2.2.x before 2.2.16, 2.3.x before 2.3.10, 2.4.x before 2.4.3). Impact (as described) : A remote attacker who can lure a user t...

CVE-2019-3776

Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with...

Cross site scripting

Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with...

CVE-2019-3776

Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with...

SolarWinds Network Operations Manager Detection (Windows SMB Login)

This script detects the installed version of SolarWinds Network Operations Manager for Windows. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

How to Collect Logs for Veeam Management Pack for Microsoft System Center

Purpose This article documents how to collect logs for Veeam Management Pack for Microsoft System Center. Solution For VMware Infrastructure To investigate issues associated with a VMware Infrastructure, logs should be collected from both Veeam Management Pack for Microsoft System Center and the...

Pivotal Operations Manager Elevation of Privilege Vulnerability

Pivotal Operations Manager is a Cloud Foundry automated management solution from Pivotal Software, USA. The solution automates the deployment, upgrade and management of the Cloud Foundry platform. An elevation of privilege vulnerability exists in Pivotal Operations Manager. A remote attacker can...

Privilege escalation

Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation. A remote malicious user who has been authenticated may create a new client...