OSA-2019-018: SQL Injections in Portal

Date: 2019-05-28

CVE: CVE-2019-12318

Severity: Important

Affects

Portal: El Alto and earlier

Description

Jakub Botwicz and Łukasz Wrochna from Samsung reported a number of vulnerabilities in ONAP Portal. By providing a crafted user input, an attacker gains access to the service database. All ONAP setups are affected.

Patches

Issue fixed with major ONAP Portal rework in Frankfurt.

Credits

Jakub Botwicz from Samsung
Łukasz Wrochna from Samsung

References

Read the Docs v: kohn

Versions: latest; kohn; jakarta

Downloads: html

On Read the Docs: Project Home; Builds