An issue exists in ONAP SDNC before Dublin. By executing sla/dgUpload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
onap open network automation platform |
Vulmon