OSA-2019-018: SQL Injections in Portal
Date: 2019-05-28
CVE: CVE-2019-12318
Severity: Important
Affects
Portal: El Alto and earlier
Description
Jakub Botwicz and Łukasz Wrochna from Samsung reported a number of vulnerabilities in ONAP Portal. By providing a crafted user input, an attacker gains access to the service database. All ONAP setups are affected.
Patches
Issue fixed with major ONAP Portal rework in Frankfurt.
Credits
Jakub Botwicz from Samsung
Łukasz Wrochna from Samsung