summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--docs/index.rst2
-rw-r--r--osa/OSA-2019-001.rst2
-rw-r--r--osa/OSA-2019-002.rst2
-rw-r--r--osa/OSA-2019-003.rst2
-rw-r--r--osa/OSA-2019-004.rst2
-rw-r--r--osa/OSA-2019-005.rst2
-rw-r--r--osa/OSA-2019-006.rst2
-rw-r--r--osa/OSA-2019-007.rst2
-rw-r--r--osa/OSA-2019-008.rst2
-rw-r--r--osa/OSA-2019-009.rst2
-rw-r--r--osa/OSA-2019-010.rst2
-rw-r--r--osa/OSA-2019-011.rst2
-rw-r--r--osa/OSA-2019-012.rst2
-rw-r--r--osa/OSA-2019-013.rst2
-rw-r--r--osa/OSA-2019-014.rst2
-rw-r--r--osa/OSA-2019-015.rst2
-rw-r--r--osa/OSA-2019-016.rst2
-rw-r--r--osa/OSA-2019-017.rst2
-rw-r--r--osa/OSA-2019-018.rst2
-rw-r--r--osa/OSA-2019-019.rst2
-rw-r--r--osa/OSA-2019-020.rst2
-rw-r--r--osa/OSA-2019-021.rst2
-rw-r--r--osa/OSA-2019-022.rst2
-rw-r--r--osa/OSA-2019-023.rst2
-rw-r--r--osa/OSA-2019-024.rst2
-rw-r--r--osa/OSA-2019-025.rst2
-rw-r--r--osa/OSA-2019-026.rst2
27 files changed, 53 insertions, 1 deletions
diff --git a/docs/index.rst b/docs/index.rst
index a516e33..6510992 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -1,5 +1,5 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
-.. Copyright 2019 Samsung Electronics
+.. Copyright 2019-2020 Samsung Electronics
.. _onap-security:
diff --git a/osa/OSA-2019-001.rst b/osa/OSA-2019-001.rst
index 7d49088..9d911bb 100644
--- a/osa/OSA-2019-001.rst
+++ b/osa/OSA-2019-001.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=====================================================
OSA-2019-001: Number of XSS vulnerabilities in Portal
=====================================================
diff --git a/osa/OSA-2019-002.rst b/osa/OSA-2019-002.rst
index 33372e9..6e47ff8 100644
--- a/osa/OSA-2019-002.rst
+++ b/osa/OSA-2019-002.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
===================================
OSA-2019-002: SQL Injection in APPC
===================================
diff --git a/osa/OSA-2019-003.rst b/osa/OSA-2019-003.rst
index a003d2f..beba005 100644
--- a/osa/OSA-2019-003.rst
+++ b/osa/OSA-2019-003.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
====================================
OSA-2019-003: SQL Injections in SDNC
====================================
diff --git a/osa/OSA-2019-004.rst b/osa/OSA-2019-004.rst
index 74369a8..435ad39 100644
--- a/osa/OSA-2019-004.rst
+++ b/osa/OSA-2019-004.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
===================================================================================
OSA-2019-004: SDNC service allows for arbitrary code execution in sla/dgUpload form
===================================================================================
diff --git a/osa/OSA-2019-005.rst b/osa/OSA-2019-005.rst
index e0ac395..d54ddb5 100644
--- a/osa/OSA-2019-005.rst
+++ b/osa/OSA-2019-005.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=====================================================================================
OSA-2019-005: SDNC service allows for arbitrary code execution in sla/printAsXml form
=====================================================================================
diff --git a/osa/OSA-2019-006.rst b/osa/OSA-2019-006.rst
index 1b30efd..329c0cb 100644
--- a/osa/OSA-2019-006.rst
+++ b/osa/OSA-2019-006.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
====================================================================================
OSA-2019-006: SDNC service allows for arbitrary code execution in sla/printAsGv form
====================================================================================
diff --git a/osa/OSA-2019-007.rst b/osa/OSA-2019-007.rst
index ea8240a..8bc4b24 100644
--- a/osa/OSA-2019-007.rst
+++ b/osa/OSA-2019-007.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=================================================================================================
OSA-2019-007: APPC exposes Jolokia interface which allows to read and overwrite an arbitrary file
=================================================================================================
diff --git a/osa/OSA-2019-008.rst b/osa/OSA-2019-008.rst
index 1b72a53..e3df959 100644
--- a/osa/OSA-2019-008.rst
+++ b/osa/OSA-2019-008.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
==============================================================================
OSA-2019-008: ONAP Portal allows to retrieve password of currently active user
==============================================================================
diff --git a/osa/OSA-2019-009.rst b/osa/OSA-2019-009.rst
index bf13b52..80eb1fc 100644
--- a/osa/OSA-2019-009.rst
+++ b/osa/OSA-2019-009.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
==========================================================================================
OSA-2019-009: HOLMES exposes JDWP outside of pod which allows for arbitrary code execution
==========================================================================================
diff --git a/osa/OSA-2019-010.rst b/osa/OSA-2019-010.rst
index 6961a8d..b3024b1 100644
--- a/osa/OSA-2019-010.rst
+++ b/osa/OSA-2019-010.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=======================================================================================
OSA-2019-010: SDC exposes JDWP outside of pod which allows for arbitrary code execution
=======================================================================================
diff --git a/osa/OSA-2019-011.rst b/osa/OSA-2019-011.rst
index b6289fa..25f130a 100644
--- a/osa/OSA-2019-011.rst
+++ b/osa/OSA-2019-011.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=======================================================================================
OSA-2019-011: SDC exposes JDWP outside of pod which allows for arbitrary code execution
=======================================================================================
diff --git a/osa/OSA-2019-012.rst b/osa/OSA-2019-012.rst
index f5863ae..3d66a85 100644
--- a/osa/OSA-2019-012.rst
+++ b/osa/OSA-2019-012.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=======================================================================================
OSA-2019-012: SDC exposes JDWP outside of pod which allows for arbitrary code execution
=======================================================================================
diff --git a/osa/OSA-2019-013.rst b/osa/OSA-2019-013.rst
index e05e584..6252158 100644
--- a/osa/OSA-2019-013.rst
+++ b/osa/OSA-2019-013.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=======================================================================================
OSA-2019-013: SDC exposes JDWP outside of pod which allows for arbitrary code execution
=======================================================================================
diff --git a/osa/OSA-2019-014.rst b/osa/OSA-2019-014.rst
index 3f15312..dc291f4 100644
--- a/osa/OSA-2019-014.rst
+++ b/osa/OSA-2019-014.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=======================================================================================
OSA-2019-014: SDC exposes JDWP outside of pod which allows for arbitrary code execution
=======================================================================================
diff --git a/osa/OSA-2019-015.rst b/osa/OSA-2019-015.rst
index 2f87073..0cca199 100644
--- a/osa/OSA-2019-015.rst
+++ b/osa/OSA-2019-015.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=============================================================================================================
OSA-2019-016: VNFSDK exposes JDWP port on localhost which allows to gain root privileges inside the container
=============================================================================================================
diff --git a/osa/OSA-2019-016.rst b/osa/OSA-2019-016.rst
index ced588e..d38463c 100644
--- a/osa/OSA-2019-016.rst
+++ b/osa/OSA-2019-016.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=================================================================
OSA-2019-016: ONAP Portal is vulnerable for Padding Oracle attack
=================================================================
diff --git a/osa/OSA-2019-017.rst b/osa/OSA-2019-017.rst
index ca0ded5..f4d5cc6 100644
--- a/osa/OSA-2019-017.rst
+++ b/osa/OSA-2019-017.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
======================================================================================
OSA-2019-017: Some ONAP services allows to impersonate any user without authentication
======================================================================================
diff --git a/osa/OSA-2019-018.rst b/osa/OSA-2019-018.rst
index ac98c2f..00ce804 100644
--- a/osa/OSA-2019-018.rst
+++ b/osa/OSA-2019-018.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
======================================
OSA-2019-018: SQL Injections in Portal
======================================
diff --git a/osa/OSA-2019-019.rst b/osa/OSA-2019-019.rst
index fe73f31..0c2a1ae 100644
--- a/osa/OSA-2019-019.rst
+++ b/osa/OSA-2019-019.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=================================================================================
OSA-2019-019: SDNC service allows for arbitrary code execution in sla/upload form
=================================================================================
diff --git a/osa/OSA-2019-020.rst b/osa/OSA-2019-020.rst
index 58b3c30..d805ee1 100644
--- a/osa/OSA-2019-020.rst
+++ b/osa/OSA-2019-020.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=============================================================
OSA-2019-020: Unprotected APIs/UIs exposed in Logging project
=============================================================
diff --git a/osa/OSA-2019-021.rst b/osa/OSA-2019-021.rst
index 2c2a18f..8d15e14 100644
--- a/osa/OSA-2019-021.rst
+++ b/osa/OSA-2019-021.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
==========================================================
OSA-2019-021: Unprotected APIs/UIs exposed in DCAE project
==========================================================
diff --git a/osa/OSA-2019-022.rst b/osa/OSA-2019-022.rst
index 7da630f..80871f2 100644
--- a/osa/OSA-2019-022.rst
+++ b/osa/OSA-2019-022.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=========================================================
OSA-2019-022: Unprotected APIs/UIs exposed in OOM project
=========================================================
diff --git a/osa/OSA-2019-023.rst b/osa/OSA-2019-023.rst
index 5b7d77e..a38307f 100644
--- a/osa/OSA-2019-023.rst
+++ b/osa/OSA-2019-023.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
========================================================
OSA-2019-023: Unprotected APIs/UIs exposed in SO project
========================================================
diff --git a/osa/OSA-2019-024.rst b/osa/OSA-2019-024.rst
index 3f7c67f..d2c1d24 100644
--- a/osa/OSA-2019-024.rst
+++ b/osa/OSA-2019-024.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=========================================================
OSA-2019-024: Unprotected APIs/UIs exposed in MSB project
=========================================================
diff --git a/osa/OSA-2019-025.rst b/osa/OSA-2019-025.rst
index 31c0867..ddbf3ff 100644
--- a/osa/OSA-2019-025.rst
+++ b/osa/OSA-2019-025.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
=========================================================
OSA-2019-025: Unprotected APIs/UIs exposed in CLI project
=========================================================
diff --git a/osa/OSA-2019-026.rst b/osa/OSA-2019-026.rst
index 4fe5e60..24bc95d 100644
--- a/osa/OSA-2019-026.rst
+++ b/osa/OSA-2019-026.rst
@@ -1,6 +1,8 @@
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. Copyright 2019 Samsung Electronics
+:orphan:
+
============================================================================
OSA-2019-026: AAF Secret Management Service allows to access all stored data
============================================================================