ONAP Service Design and Creation Code Injection Vulnerability (CNVD-2020-24671)

ONAP Service Design and Creation SDC is a set of visual modeling and design tools for the ONAP project. A code injection vulnerability exists in ONAP SDC Dublin and prior versions, which stems from faulty access control. A remote attacker can exploit this vulnerability by accessing port 6000 of t...

CVE-2019-12118

An issue was discovered in ONAP SDC through Dublin. By accessing port 7001 of demo-sdc-sdc-wfd-be pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...