ETSI Open-Source MANO Privilege Escalation Vulnerability

A vulnerability in ETSI Open-Source MANO (OSM) versions 14.x and 15.x allows remote attackers to escalate privileges by exploiting the lack of restrictions on authentication attempts for admin users. This flaw can be exploited to gain unauthorized access to administrative functions, potentially leading to full system compromise.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling users to gain administrative rights and access sensitive functions and data within the OSM MANO platform.

Reproduction

The vulnerability can be reproduced by sending multiple authentication requests to the OSM MANO instance's admin account. The absence of request throttling or account lockout measures allows for brute-force attacks to be conducted unimpeded, with tools like Wfuzz capable of automating the process and bypassing any rate limits.

Remediation

Users are advised to update to OSM MANO versions 14.0.3, 15.0.2, or 17.0.1. For version 16.0.0, a fix is available from a specific commit. Additionally, restrict access to the OSM interface to trusted users and implement request throttling and automated blacklisting for excessive or abnormal request patterns.