CVE-2019-12129 : Exploit Details and Defense Strategies

A vulnerability in ONAP MSB through the Dublin version allows attackers to gain unrestricted access to ONAP services without authentication.

Understanding CVE-2019-12129

This CVE describes a security issue in ONAP MSB that enables unauthorized access to ONAP services through specific ports.

What is CVE-2019-12129?

In ONAP MSB through Dublin, attackers can connect to certain ports and gain full access to ONAP services without needing any authentication, affecting all ONAP Operations Manager configurations.

The Impact of CVE-2019-12129

The vulnerability allows unauthorized users to exploit ONAP services, potentially leading to data breaches, service disruptions, and unauthorized system modifications.

Technical Details of CVE-2019-12129

The technical aspects of the vulnerability are outlined below:

Vulnerability Description

Attackers can exploit ONAP MSB through specific ports to access ONAP services without authentication, impacting all OOM setups.

Affected Systems and Versions

Product: N/A
Vendor: N/A
Versions: N/A

Exploitation Mechanism

Unauthorized users can gain access to ONAP services by connecting to ports 30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271 without requiring any form of authentication.

Mitigation and Prevention

To address CVE-2019-12129, the following steps are recommended:

Immediate Steps to Take

Monitor network traffic for any suspicious activities on the mentioned ports.
Implement access controls and authentication mechanisms to restrict unauthorized access.

Long-Term Security Practices

Regularly update and patch ONAP MSB and related systems to mitigate known vulnerabilities.
Conduct security assessments and penetration testing to identify and address potential weaknesses.

Patching and Updates

Apply patches and updates provided by ONAP to fix the vulnerability and enhance system security.