Uploaded image for project: 'ONAP JIRA Security Issues'
  1. ONAP JIRA Security Issues
  2. OJSI-201

DCAE TCA exposes unprotected APIs/UIs (CVE-2019-12126)

CloneClone+Clone++
    XMLWordPrintable

    Details

      Description

      Impact description (draft)

      Title: Unprotected APIs/UIs exposed in DCAE project

      Reporter: Jakub Botwicz,  Wojciech Rauner, Łukasz Wrochna and Radosław Żeszczuk from Samsung

      Products: DCAE

      Affects: Dublin and earlier

      Description:

      Jakub Botwicz,  Wojciech Rauner, Łukasz Wrochna and Radosław Żeszczuk from Samsung reported a vulnerability in ONAP DCAE. By accessing port 32010, an attacker gains full access to the respective ONAP service without any authentication. All ONAP OOM setups are affected.

        Attachments

          Issue Links

          # Subject Branch Project Status CR V

            Activity

              People

              Assignee:
              vv770d Vijay Venkatesh Kumar
              Reporter:
              kopasiak Krzysztof Opasiak
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: