OSA-2019-024: Unprotected APIs/UIs exposed in MSB project
MSB: Dublin and earlier
Jakub Botwicz, Wojciech Rauner, Łukasz Wrochna and Radosław Żeszczuk from Samsung reported a number of vulnerabilities in ONAP MSB. By accessing one of:
ports, an attacker gains full access to the respective ONAP services without any authentication. All ONAP OOM setups are affected.
No patch for this vulnerability has been proposed yet.
Jakub Botwicz from Samsung
Wojciech Rauner from Samsung
Łukasz Wrochna from Samsung
Radosław Żeszczuk from Samsung