CVE-2022-35503

Open Source MANO (OSM) versions 7–12 have a vulnerability in the LCM module container when handling a VNF descriptor due to improper verification of user input. An authenticated attacker can execute arbitrary code within the LCM container, potentially changing normal OSM component execution, leak...

CVE-2022-35503

Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF descriptor. An attacker may be able execute code to change the normal execution of the OSM components,...