ONAP Service Design and Creation Code Injection Vulnerability

ONAP Service Design and Creation SDC is a set of visual modeling and design tools for the ONAP project. A code injection vulnerability exists in ONAP SDC Dublin and prior versions that stems from faulty access control. A remote attacker can exploit this vulnerability by accessing port 7000 of the...

CVE-2019-12119

An issue was discovered in ONAP SDC through Dublin. By accessing port 7000 of demo-sdc-sdc-wfd-fe pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...

CVE-2019-12115

An issue was discovered in ONAP SDC through Dublin. By accessing port 4000 of demo-sdc-sdc-be pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...

CVE-2019-12116

An issue was discovered in ONAP SDC through Dublin. By accessing port 6000 of demo-sdc-sdc-fe pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...