📦 Open Network Automation Platform

CVE-2019-12125 is an authentication bypass vulnerability in ONAP Logging services that allows unauthenticated attackers to gain full administrative access to affected ONAP services by connecting to sp...

CVE-2019-12127 is an authentication bypass vulnerability in ONAP Operations Manager (OOM) that allows unauthenticated attackers to gain full access to ONAP services by connecting to specific ports. Al...

This vulnerability allows unauthenticated attackers to gain full administrative access to ONAP services by connecting to specific ports. All ONAP Operations Manager (OOM) deployments are affected, exp...

CVE-2019-12130 is a critical authentication bypass vulnerability in ONAP CLI through Dublin version. Attackers can gain full administrative access to ONAP services without credentials by connecting to...

CVE-2019-12132 is a critical command injection vulnerability in ONAP SDNC that allows unauthenticated attackers to execute arbitrary commands on affected systems by crafting a malicious filename param...

CVE-2019-12112 is a critical command injection vulnerability in ONAP SDNC that allows unauthenticated attackers to execute arbitrary commands on affected systems by crafting a filename parameter in th...

CVE-2019-12114 allows unauthenticated attackers with access to pod-to-pod communication to execute arbitrary code on ONAP HOLMES engine management pods via port 9202. This affects all ONAP Operations ...

CVE-2019-12116 allows unauthenticated attackers with pod-to-pod network access to execute arbitrary code on ONAP SDC frontend pods via port 6000. All ONAP Operations Manager (OOM) deployments through ...

This vulnerability allows unauthenticated attackers with access to pod-to-pod communication to execute arbitrary code on ONAP SDC pods via port 7001. All ONAP Operations Manager (OOM) setups are affec...

CVE-2019-12120 allows unauthenticated attackers with pod-to-pod network access to execute arbitrary code on ONAP VNFSDK pods via port 8000. All ONAP Operations Manager (OOM) deployments are affected. ...

This vulnerability in ONAP APPC exposes an unprotected Jolokia interface, allowing unauthenticated attackers to read or overwrite arbitrary files. All APPC setups before the Dublin release are affecte...

This vulnerability allows authenticated users to execute arbitrary commands on ONAP SDNC systems by exploiting a command injection flaw in the sla/printAsXml endpoint. All SDC setups that include admp...