exploitDog

CVE-2021-38363

Опубликовано: 20 апр. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered in ONOS 2.5.1. In IntentManager, the install-requested intent (which causes an exception) remains in pendingMap (in memory) forever. Deletion is possible neither by a user nor by the intermittent Intent Cleanup process.

Ссылки

https://opennetworking.org/onos/
Product
https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf
Exploit
Technical Description
Third Party Advisory
https://opennetworking.org/onos/
Product
https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opennetworking:onos:2.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00087

Низкий

7.5 High

CVSS3

Дефекты

CWE-755

CWE-755

Связанные уязвимости

GHSA-mfw3-qw8q-q93x

CVSS3: 7.5

github

почти 3 года назад

An issue was discovered in ONOS 2.5.1. In IntentManager, the install-requested intent (which causes an exception) remains in pendingMap (in memory) forever. Deletion is possible neither by a user nor by the intermittent Intent Cleanup process.

EPSS

Процентиль: 25%

0.00087

Низкий

7.5 High

CVSS3

Дефекты

CWE-755

CWE-755