OSA-2019-002: SQL Injection in APPC
Date: 2019-05-28
CVE: CVE-2019-12316
Severity: Important
Affects
APPC: Dublin and earlier
Description
Jakub Botwicz from Samsung reported a vulnerability in ONAP APPC. By providing a crafted user input to /cdtService/getDesigns form, an attacker gains access to the service database. All ONAP setups are affected.
Patches
Credits
Jakub Botwicz from Samsung