CVE-2019-12125

Name of the Vulnerable Software and Affected Versions ONAP Logging through Dublin (affected versions not specified) ONAP Operations Manager (OOM) setups (affected versions not specified)

Description The issue allows an attacker to gain full access to ONAP services without authentication by accessing specific ports, including 30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and 30271. All ONAP Operations Manager (OOM) setups are affected.

Recommendations For ONAP Logging through Dublin, restrict access to the specified ports (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and 30271) to minimize the risk of exploitation. For ONAP Operations Manager (OOM) setups, consider implementing additional authentication mechanisms to prevent unauthorized access to ONAP services. At the moment, there is no information about a newer version that contains a fix for this vulnerability.