22 matches found
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF descriptor. An attacker may be able execute code to change the normal execution of the OSM components,...
EUVD-2024-54816
Malicious code in bioql PyPI...
EUVD-2024-54817
Malicious code in bioql PyPI...
CVE-2024-48730
The default configuration in ETSI Open-Source MANO OSM v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges...
CVE-2024-48729
An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...
CVE-2024-48730
The default configuration in ETSI Open-Source MANO OSM v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges...
CVE-2024-48729
An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...
CVE-2024-48730
The default configuration in ETSI Open-Source MANO OSM v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges...
PT-2025-30846 · Etsi · Etsi Open-Source Mano
Name of the Vulnerable Software and Affected Versions: ETSI Open-Source MANO OSM versions 14.x through 15.x Description: The software does not impose restrictions on authentication attempts performed by an administrator user, potentially allowing a remote attacker to escalate privileges...
Open Source MANO 安全漏洞
Open Source MANO OSM is an open source software for managing and coordinating future networks from Open Source MANO, Inc. A security vulnerability exists in Open Source MANO OSM versions 14.x and 15.x, which originates in the /osm/admin/v1/users component could lead to elevation of privilege...
PT-2025-30845 · Etsi · Etsi Open-Source Mano
Name of the Vulnerable Software and Affected Versions: ETSI Open-Source MANO OSM versions 14.x through 15.x Description: An issue allows a remote attacker to escalate privileges via the /osm/admin/v1/users component. Recommendations: ETSI Open-Source MANO OSM versions 14.x and 15.x are affected. ...
CVE-2024-48729
An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...
CVE-2024-48730
The default configuration in ETSI Open-Source MANO OSM v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges...
Open Source MANO 安全漏洞
Open Source MANO OSM is an open source software for managing and orchestrating future networks from Open Source MANO, Inc. A security vulnerability exists in Open Source MANO OSM versions 14.x and 15.x that stems from an unrestricted administrator authentication attempt that could result in...
CVE-2024-48730
CVE-2024-48730 affects ETSI Open-Source MANO (OSM) versions 14.x–17.x. The issue arises from a default admin account that does not limit authentication attempts, enabling a remote attacker to escalate privileges. Evidence in multiple feeds (including Red Hat and CNNVD/CVE records) confirms the co...
CVE-2024-48729
An issue in ETSI Open-Source MANO OSM 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component...
CVE-2024-48729
The CVE-2024-48729 issue affects ETSI Open-Source MANO (OSM) versions 14.x (before 14.0.3), 15.x (before 15.0.2), 16.0.0, and 17.0.0. A remote authenticated attacker can escalate privileges via the /osm/admin/v1/users component. The connected sources confirm the vulnerability path but do not prov...
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF descriptor. An attacker may be able execute code to change the normal execution of the OSM components,...
PT-2024-11595 · Unknown · Open Source Mano
Name of the Vulnerable Software and Affected Versions: Open Source MANO versions 7 through 12 Description: The issue is related to improper verification of user input, allowing an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function VNF...
Open Source MANO 安全漏洞
Open Source MANO OSM is an open source software for managing and coordinating future networks from Open Source MANO. A security vulnerability exists in Open Source MANO versions v7 through v12 that stems from incorrect validation of user input...