CVE-2019-12124
First published: Wed Mar 18 2020(Updated: )
An issue was discovered in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Onap Open Network Automation Platform | >=3.0.0<4.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-12124?
CVE-2019-12124 is classified as a critical vulnerability due to the potential for unauthenticated file read and overwrite access.
How do I fix CVE-2019-12124?
To fix CVE-2019-12124, secure the Jolokia interface by implementing proper authentication measures and restricting access.
What software versions are affected by CVE-2019-12124?
All versions of ONAP APPC from 3.0.0 to 4.0.0 are affected by CVE-2019-12124.
Can an attacker exploit CVE-2019-12124 remotely?
Yes, an unauthenticated attacker can exploit CVE-2019-12124 remotely due to the exposed Jolokia interface.
What are the risks associated with CVE-2019-12124?
The risks associated with CVE-2019-12124 include unauthorized access to sensitive files, potential data loss, and service disruptions.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/author
- agent/severity
- agent/remedy
- agent/first-publish-date
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/onap
- canonical/onap open network automation platform
- version/onap open network automation platform/3.0.0