VYPR
Vendor

OnApp

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2019-12125CriMar 19, 2020
    risk 0.64cvss 9.8epss 0.01

    In ONAP Logging through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-12130CriMar 19, 2020
    risk 0.64cvss 9.8epss 0.02

    In ONAP CLI through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-12129CriMar 19, 2020
    risk 0.64cvss 9.8epss 0.02

    In ONAP MSB through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.

  • CVE-2019-12132CriMar 18, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in ONAP SDNC before Dublin. By executing sla/dgUpload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected.

  • CVE-2019-12123HigMar 18, 2020
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsXml with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected.

  • CVE-2019-12491MedJun 19, 2019
    risk 0.43cvss 6.6epss 0.02

    OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to run arbitrary commands with root privileges on servers managed by OnApp for XEN/KVM hypervisors. To exploit the vulnerability an attacker has to have control of a single server on a given cloud (e.g. by renting…