An issue exists in ONAP Portal through Dublin. By executing a call to ONAPPORTAL/portalApi/loggedinUser, an attacker who possesses a user's cookie may retrieve that user's password from the database. All Portal setups are affected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
onap open network automation platform |