CVE-2019-12119 : Exploit Details and Defense Strategies
Learn about CVE-2019-12119, a vulnerability in ONAP SDC allowing unauthorized code execution in a specific pod port, impacting ONAP Operations Manager setups. Find mitigation steps and affected systems here.
ONAP SDC up to Dublin version allows unauthorized code execution through a specific pod port, affecting ONAP Operations Manager configurations.
Understanding CVE-2019-12119
An issue in ONAP SDC enables attackers to run arbitrary code within a pod by accessing a specific port.
What is CVE-2019-12119?
This CVE identifies a vulnerability in ONAP SDC up to Dublin version that permits unauthorized code execution within a pod.
The Impact of CVE-2019-12119
The vulnerability allows attackers to execute any code they desire within the affected pod, impacting all ONAP Operations Manager setups.
Technical Details of CVE-2019-12119
ONAP SDC vulnerability details and affected systems.
Vulnerability Description
Unauthorized individuals can run arbitrary code within the pod by accessing port 7000 of the demo-sdc-sdc-wfd-fe pod.
Affected Systems and Versions
- Product: ONAP SDC up to Dublin version
- Vendor: N/A
- Version: N/A
Exploitation Mechanism
Attackers with access to pod-to-pod communication can exploit port 7000 to execute unauthorized code within the pod.
Mitigation and Prevention
Steps to mitigate and prevent exploitation of CVE-2019-12119.
Immediate Steps to Take
- Restrict access to port 7000 of the demo-sdc-sdc-wfd-fe pod
- Monitor pod-to-pod communication for unauthorized access
Long-Term Security Practices
- Implement network segmentation to limit pod communication
- Regularly audit and update access controls
Patching and Updates
- Apply patches or updates provided by ONAP to address the vulnerability