CVE-2019-12118 : Security Advisory and Response
Discover the impact of CVE-2019-12118, allowing unauthorized code execution in ONAP SDC. Learn about affected systems, exploitation mechanism, and mitigation steps.
A vulnerability has been identified in ONAP SDC up to Dublin version, allowing unauthorized code execution within a pod.
Understanding CVE-2019-12118
This CVE describes a security flaw in ONAP SDC that can be exploited to execute arbitrary code within a specific pod.
What is CVE-2019-12118?
The vulnerability in ONAP SDC up to Dublin version allows unauthorized individuals with access to pod-to-pod communication to execute arbitrary code by gaining access to port 7001 of the demo-sdc-sdc-wfd-be pod.
The Impact of CVE-2019-12118
The vulnerability affects all setups of ONAP Operations Manager (OOM) and can lead to unauthorized code execution within the affected pod.
Technical Details of CVE-2019-12118
The technical aspects of the CVE provide insight into the vulnerability and its implications.
Vulnerability Description
An unauthorized attacker, with existing pod-to-pod communication access, can execute arbitrary code by accessing port 7001 of the demo-sdc-sdc-wfd-be pod in ONAP SDC up to Dublin version.
Affected Systems and Versions
- Product: ONAP SDC up to Dublin version
- Vendor: N/A
- Versions: N/A
Exploitation Mechanism
The vulnerability can be exploited by unauthorized individuals gaining access to port 7001 of the demo-sdc-sdc-wfd-be pod.
Mitigation and Prevention
Effective measures to mitigate the impact of CVE-2019-12118.
Immediate Steps to Take
- Monitor and restrict access to port 7001 of the demo-sdc-sdc-wfd-be pod
- Implement network segmentation to limit unauthorized access
Long-Term Security Practices
- Regularly update and patch ONAP SDC to the latest version
- Conduct security audits and penetration testing to identify vulnerabilities
Patching and Updates
- Apply patches and updates provided by ONAP to address the vulnerability