ONAP Meeting 2 is inviting you to a scheduled Zoom meeting. Join Zoom Meeting https://zoom.us/j/899097173 One tap mobile +16699006833,,899097173# US (San Jose) +16465588656,,899097173# US (New York) D

The web page https://support.apple.com/en-us/HT210176 lays out enhanced minimum requirements that Apple is going to require starting in iOS 13. I’m wondering how well AAF-generated certificates stack

Dear SECCOM, please find the attached proposal of procedure for exposing new Node Port in ONAP. The main goal of this procedure is to allow SECCOM to have better control over what's being exposed outs

(Bcc’d to: onap-seccom@...; onap-arc@...; onap-modelingsub@...; onap-usecasesub@...; onap-controlloopsub@...; onap-discuss@...) A new poll has been created: Poll closes noon Pacific, July 6th- The nex

This has been approved by a majority vote. -kenny

**Date:** 2019-05-28 **ID:** OSA-2019-026 **Title:** AAF Secret Management Service allows to access all stored data **CVE:** CVE-2019-12320 **Severity:** Important Affects ------- * AAF: before Dublin

**Date:** 2019-05-28 **ID:** OSA-2019-025 **Title:** Unprotected APIs/UIs exposed in CLI project **CVE:** CVE-2019-12130 **Severity:** Important Affects ------- * CLI: Dublin and earlier Description -

**Date:** 2019-05-28 **ID:** OSA-2019-024 **Title:** Unprotected APIs/UIs exposed in MSB project **CVE:** CVE-2019-12129 **Severity:** Important Affects ------- * MSB: Dublin and earlier Description -

**Date:** 2019-05-28 **ID:** OSA-2019-023 **Title:** Unprotected APIs/UIs exposed in SO project **CVE:** CVE-2019-12128 **Severity:** Important Affects ------- * SO: Dublin and earlier Description ---

**Date:** 2019-05-28 **ID:** OSA-2019-022 **Title:** Unprotected APIs/UIs exposed in OOM project **CVE:** CVE-2019-12127 **Severity:** Important Affects ------- * OOM: Dublin and earlier Description -

**Date:** 2019-05-28 **ID:** OSA-2019-021 **Title:** Unprotected APIs/UIs exposed in DCAE project **CVE:** CVE-2019-12126 **Severity:** Important Affects ------- * DCAE: Dublin and earlier Description

**Date:** 2019-05-28 **ID:** OSA-2019-020 **Title:** Unprotected APIs/UIs exposed in Logging project **CVE:** CVE-2019-12125 **Severity:** Important Affects ------- * Logging: Dublin and earlier Descr

**Date:** 2019-05-28 **ID:** OSA-2019-019 **Title:** SDNC service allows for arbitrary code execution in sla/upload form **CVE:** CVE-2019-12112 **Severity:** Critical Affects ------- * SDNC: before D

**Date:** 2019-05-28 **ID:** OSA-2019-018 **Title:** SQL Injections in Portal **CVE:** CVE-2019-12318 **Severity:** Important Affects ------- * Portal: Dublin and earlier Description ----------- Jakub

**Date:** 2019-05-28 **ID:** OSA-2019-017 **Title:** Some ONAP services allows to impersonate any user without authentication **CVE:** CVE-2019-12131 **Severity:** Important Affects ------- * APPC: Du

**Date:** 2019-05-28 **ID:** OSA-2019-016 **Title:** ONAP Portal is vulnerable for Padding Oracle attack **CVE:** CVE-2019-12121 **Severity:** Important Affects ------- * Portal: Dublin and earlier De

**Date:** 2019-05-28 **ID:** OSA-2019-015 **Title:** VNFSDK exposes JDWP port on localhost which allows to gain root privileges inside the container **CVE:** CVE-2019-12119 **Severity:** Moderate Affe

**Date:** 2019-05-28 **CVE:** CVE-2019-12119 **ID:** OSA-2019-14 **Title:** SDC exposes JDWP outside of pod which allows for arbitrary code execution **Severity:** Critical Affects ------- * SDC: Dubl

**Date:** 2019-05-28 **ID:** OSA-2019-013 **Title:** SDC exposes JDWP outside of pod which allows for arbitrary code execution **CVE:** CVE-2019-12118 **Severity:** Critical Affects ------- * SDC: Dub

**Date:** 2019-05-28 **ID:** OSA-2019-012 **CVE:** CVE-2019-12117 **Severity:** Critical Affects ------- * SDC: Dublin and earlier Description ----------- Radosław Żeszczuk from Samsung reported vulne