|
SECCOM - extra meeting with Linda #2 4 messages
ONAP Meeting 2 is inviting you to a scheduled Zoom meeting. Join Zoom Meeting https://zoom.us/j/899097173 One tap mobile +16699006833,,899097173# US (San Jose) +16465588656,,899097173# US (New York) D
ONAP Meeting 2 is inviting you to a scheduled Zoom meeting. Join Zoom Meeting https://zoom.us/j/899097173 One tap mobile +16699006833,,899097173# US (San Jose) +16465588656,,899097173# US (New York) D
|
By Pawel Pawlak
·
|
|
Requirements for trusted certificates in iOS 13 and macOS 10.15 4 messages
The web page https://support.apple.com/en-us/HT210176 lays out enhanced minimum requirements that Apple is going to require starting in iOS 13. I’m wondering how well AAF-generated certificates stack
The web page https://support.apple.com/en-us/HT210176 lays out enhanced minimum requirements that Apple is going to require starting in iOS 13. I’m wondering how well AAF-generated certificates stack
|
By Tony Hansen
·
|
|
Exposing new Node Port procedure proposal 16 messages
Dear SECCOM, please find the attached proposal of procedure for exposing new Node Port in ONAP. The main goal of this procedure is to allow SECCOM to have better control over what's being exposed outs
Dear SECCOM, please find the attached proposal of procedure for exposing new Node Port in ONAP. The main goal of this procedure is to allow SECCOM to have better control over what's being exposed outs
|
By Krzysztof Opasiak
·
|
|
Fall 2019 Joint Subcommittee Meeting Dates
#poll
(Bcc’d to: onap-seccom@...; onap-arc@...; onap-modelingsub@...; onap-usecasesub@...; onap-controlloopsub@...; onap-discuss@...) A new poll has been created: Poll closes noon Pacific, July 6th- The nex
(Bcc’d to: onap-seccom@...; onap-arc@...; onap-modelingsub@...; onap-usecasesub@...; onap-controlloopsub@...; onap-discuss@...) A new poll has been created: Poll closes noon Pacific, July 6th- The nex
|
By Kenny Paul
·
|
|
[onap-tsc-vote] [NEED YOUR INPUTS]: ONAP Pen Test Results Early Disclosure 5 messages
This has been approved by a majority vote. -kenny
This has been approved by a majority vote. -kenny
|
By Kenny Paul
·
|
|
[OSA] Vulnerability in ONAP AAF (CVE-2019-12320)
**Date:** 2019-05-28 **ID:** OSA-2019-026 **Title:** AAF Secret Management Service allows to access all stored data **CVE:** CVE-2019-12320 **Severity:** Important Affects ------- * AAF: before Dublin
**Date:** 2019-05-28 **ID:** OSA-2019-026 **Title:** AAF Secret Management Service allows to access all stored data **CVE:** CVE-2019-12320 **Severity:** Important Affects ------- * AAF: before Dublin
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP CLI (CVE-2019-12130)
**Date:** 2019-05-28 **ID:** OSA-2019-025 **Title:** Unprotected APIs/UIs exposed in CLI project **CVE:** CVE-2019-12130 **Severity:** Important Affects ------- * CLI: Dublin and earlier Description -
**Date:** 2019-05-28 **ID:** OSA-2019-025 **Title:** Unprotected APIs/UIs exposed in CLI project **CVE:** CVE-2019-12130 **Severity:** Important Affects ------- * CLI: Dublin and earlier Description -
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP MSB (CVE-2019-12129)
**Date:** 2019-05-28 **ID:** OSA-2019-024 **Title:** Unprotected APIs/UIs exposed in MSB project **CVE:** CVE-2019-12129 **Severity:** Important Affects ------- * MSB: Dublin and earlier Description -
**Date:** 2019-05-28 **ID:** OSA-2019-024 **Title:** Unprotected APIs/UIs exposed in MSB project **CVE:** CVE-2019-12129 **Severity:** Important Affects ------- * MSB: Dublin and earlier Description -
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP SO (CVE-2019-12128)
**Date:** 2019-05-28 **ID:** OSA-2019-023 **Title:** Unprotected APIs/UIs exposed in SO project **CVE:** CVE-2019-12128 **Severity:** Important Affects ------- * SO: Dublin and earlier Description ---
**Date:** 2019-05-28 **ID:** OSA-2019-023 **Title:** Unprotected APIs/UIs exposed in SO project **CVE:** CVE-2019-12128 **Severity:** Important Affects ------- * SO: Dublin and earlier Description ---
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP OOM (CVE-2019-12127)
**Date:** 2019-05-28 **ID:** OSA-2019-022 **Title:** Unprotected APIs/UIs exposed in OOM project **CVE:** CVE-2019-12127 **Severity:** Important Affects ------- * OOM: Dublin and earlier Description -
**Date:** 2019-05-28 **ID:** OSA-2019-022 **Title:** Unprotected APIs/UIs exposed in OOM project **CVE:** CVE-2019-12127 **Severity:** Important Affects ------- * OOM: Dublin and earlier Description -
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP DCAE (CVE-2019-12126)
**Date:** 2019-05-28 **ID:** OSA-2019-021 **Title:** Unprotected APIs/UIs exposed in DCAE project **CVE:** CVE-2019-12126 **Severity:** Important Affects ------- * DCAE: Dublin and earlier Description
**Date:** 2019-05-28 **ID:** OSA-2019-021 **Title:** Unprotected APIs/UIs exposed in DCAE project **CVE:** CVE-2019-12126 **Severity:** Important Affects ------- * DCAE: Dublin and earlier Description
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP Logging (CVE-2019-12125)
**Date:** 2019-05-28 **ID:** OSA-2019-020 **Title:** Unprotected APIs/UIs exposed in Logging project **CVE:** CVE-2019-12125 **Severity:** Important Affects ------- * Logging: Dublin and earlier Descr
**Date:** 2019-05-28 **ID:** OSA-2019-020 **Title:** Unprotected APIs/UIs exposed in Logging project **CVE:** CVE-2019-12125 **Severity:** Important Affects ------- * Logging: Dublin and earlier Descr
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP SDNC (CVE-2019-12112)
**Date:** 2019-05-28 **ID:** OSA-2019-019 **Title:** SDNC service allows for arbitrary code execution in sla/upload form **CVE:** CVE-2019-12112 **Severity:** Critical Affects ------- * SDNC: before D
**Date:** 2019-05-28 **ID:** OSA-2019-019 **Title:** SDNC service allows for arbitrary code execution in sla/upload form **CVE:** CVE-2019-12112 **Severity:** Critical Affects ------- * SDNC: before D
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP Portal (CVE-2019-12318)
**Date:** 2019-05-28 **ID:** OSA-2019-018 **Title:** SQL Injections in Portal **CVE:** CVE-2019-12318 **Severity:** Important Affects ------- * Portal: Dublin and earlier Description ----------- Jakub
**Date:** 2019-05-28 **ID:** OSA-2019-018 **Title:** SQL Injections in Portal **CVE:** CVE-2019-12318 **Severity:** Important Affects ------- * Portal: Dublin and earlier Description ----------- Jakub
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP APPC and SDC (CVE-2019-12131)
**Date:** 2019-05-28 **ID:** OSA-2019-017 **Title:** Some ONAP services allows to impersonate any user without authentication **CVE:** CVE-2019-12131 **Severity:** Important Affects ------- * APPC: Du
**Date:** 2019-05-28 **ID:** OSA-2019-017 **Title:** Some ONAP services allows to impersonate any user without authentication **CVE:** CVE-2019-12131 **Severity:** Important Affects ------- * APPC: Du
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP Portal (CVE-2019-12121)
**Date:** 2019-05-28 **ID:** OSA-2019-016 **Title:** ONAP Portal is vulnerable for Padding Oracle attack **CVE:** CVE-2019-12121 **Severity:** Important Affects ------- * Portal: Dublin and earlier De
**Date:** 2019-05-28 **ID:** OSA-2019-016 **Title:** ONAP Portal is vulnerable for Padding Oracle attack **CVE:** CVE-2019-12121 **Severity:** Important Affects ------- * Portal: Dublin and earlier De
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP VNFSDK (CVE-2019-12119)
**Date:** 2019-05-28 **ID:** OSA-2019-015 **Title:** VNFSDK exposes JDWP port on localhost which allows to gain root privileges inside the container **CVE:** CVE-2019-12119 **Severity:** Moderate Affe
**Date:** 2019-05-28 **ID:** OSA-2019-015 **Title:** VNFSDK exposes JDWP port on localhost which allows to gain root privileges inside the container **CVE:** CVE-2019-12119 **Severity:** Moderate Affe
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP SDC (CVE-2019-12119)
**Date:** 2019-05-28 **CVE:** CVE-2019-12119 **ID:** OSA-2019-14 **Title:** SDC exposes JDWP outside of pod which allows for arbitrary code execution **Severity:** Critical Affects ------- * SDC: Dubl
**Date:** 2019-05-28 **CVE:** CVE-2019-12119 **ID:** OSA-2019-14 **Title:** SDC exposes JDWP outside of pod which allows for arbitrary code execution **Severity:** Critical Affects ------- * SDC: Dubl
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP SDC (CVE-2019-12118)
**Date:** 2019-05-28 **ID:** OSA-2019-013 **Title:** SDC exposes JDWP outside of pod which allows for arbitrary code execution **CVE:** CVE-2019-12118 **Severity:** Critical Affects ------- * SDC: Dub
**Date:** 2019-05-28 **ID:** OSA-2019-013 **Title:** SDC exposes JDWP outside of pod which allows for arbitrary code execution **CVE:** CVE-2019-12118 **Severity:** Critical Affects ------- * SDC: Dub
|
By Krzysztof Opasiak
·
|
|
[OSA] Vulnerability in ONAP SDC (CVE-2019-12117)
**Date:** 2019-05-28 **ID:** OSA-2019-012 **CVE:** CVE-2019-12117 **Severity:** Critical Affects ------- * SDC: Dublin and earlier Description ----------- Radosław Żeszczuk from Samsung reported vulne
**Date:** 2019-05-28 **ID:** OSA-2019-012 **CVE:** CVE-2019-12117 **Severity:** Critical Affects ------- * SDC: Dublin and earlier Description ----------- Radosław Żeszczuk from Samsung reported vulne
|
By Krzysztof Opasiak
·
|