CVE-2024-48730

The default configuration in ETSI Open-Source MANO (OSM) v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges.

CVSS

No CVSS.

References

Link	Resource
https://www.osmium.solutions/articles/osm-mano-vulnerability-discovery.html#2

Configurations

No configuration.

History

18 Aug 2025, 20:15

Type	Values Removed	Values Added
Summary	~~An issue in ETSI Open-Source MANO (OSM) v.14.x, v.15.x allows a remote attacker to escalate privileges via not imposing any restrictions on the authentication attempts performed by an admin user~~	The default configuration in ETSI Open-Source MANO (OSM) v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authentication attempts performed by the default admin user, allowing a remote attacker to escalate privileges.

18 Aug 2025, 13:15

Type	Values Removed	Values Added
References	~~{'url': 'http://open.com', 'name': 'http://open.com', 'tags': [], 'refsource': ''}~~ ~~{'url': 'http://etsi.com', 'name': 'http://etsi.com', 'tags': [], 'refsource': ''}~~

25 Jul 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-25 15:15

Updated : 2025-08-18 20:15

NVD link : CVE-2024-48730

Mitre link : CVE-2024-48730

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2024-48730

Attach tags to `CVE-2024-48730`