PT-2020-9284 · Onap · Onap Operations Manager+1

Published: 2020-03-18 · Updated: 2021-07-21 · CVE-2019-12120

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

ONAP VNFSDK versions through Dublin
ONAP Operations Manager (OOM) setups (affected versions not specified)

Description

An issue was discovered in ONAP VNFSDK, allowing an unauthenticated attacker with access to pod-to-pod communication to execute arbitrary code inside a pod by accessing port 8000 of demo-vnfsdk-vnfsdk. All ONAP Operations Manager (OOM) setups are affected.

Recommendations

For ONAP VNFSDK versions through Dublin, consider restricting access to port 8000 of demo-vnfsdk-vnfsdk to prevent arbitrary code execution. For ONAP Operations Manager (OOM) setups, restrict pod-to-pod communication to minimize the risk of exploitation. As a temporary workaround, consider disabling access to demo-vnfsdk-vnfsdk until a patch is available.
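
One way to apply the port 8000 restriction and the temporary workaround in Kubernetes, as an added example that is not part of the advisory or ONAP's own manifests: two alternative NetworkPolicy objects. The namespace `onap`, the pod labels `app: vnfsdk` / `release: demo` and the client label `vnfsdk-client` are assumptions to be checked against the actual deployment, and the policies only take effect when the cluster's network plugin enforces NetworkPolicy.

```yaml
# Added example, not ONAP's own manifest.
# Assumptions (verify before applying, e.g. with `kubectl get pods --show-labels`):
#   - namespace "onap"
#   - the demo-vnfsdk-vnfsdk pods carry the labels app=vnfsdk, release=demo
#   - pods that legitimately need port 8000 are labelled vnfsdk-client=true
#     (hypothetical label introduced for this example)
#
# Option A: restrict port 8000 to explicitly labelled client pods.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: restrict-vnfsdk-port-8000
  namespace: onap
spec:
  podSelector:
    matchLabels:
      app: vnfsdk
      release: demo
  policyTypes:
    - Ingress
  ingress:
    # Only labelled pods in the same namespace may reach TCP 8000.
    # Once a pod is selected by an Ingress policy, traffic not listed
    # here is dropped, so add any other port the pod must serve.
    - from:
        - podSelector:
            matchLabels:
              vnfsdk-client: "true"
      ports:
        - protocol: TCP
          port: 8000
---
# Option B (temporary workaround): no ingress rules at all, which denies
# every inbound connection to the selected pods. NetworkPolicies are
# additive, so apply B instead of A, not alongside it.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: isolate-vnfsdk
  namespace: onap
spec:
  podSelector:
    matchLabels:
      app: vnfsdk
      release: demo
  policyTypes:
    - Ingress
```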

Exploit

Fix

Missing Authentication

Weakness Enumeration

Related Identifiers

CVE-2019-12120

Affected Products

Onap Operations Manager
Onap Vnfsdk