CVE-2019-12127

Name of the Vulnerable Software and Affected Versions ONAP OOM versions through Dublin

Description The issue allows an attacker to gain full access to ONAP services without authentication by accessing specific ports. All ONAP Operations Manager setups are affected.

Recommendations For versions through Dublin, restrict access to the applicable ports (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and 30271) to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.