OSA-2019-002: SQL Injection in APPC
APPC: Dublin and earlier
Jakub Botwicz from Samsung reported a vulnerability in ONAP APPC. By providing a crafted user input to /cdtService/getDesigns form, an attacker gains access to the service database. All ONAP setups are affected.
Jakub Botwicz from Samsung