exploitDog

CVE-2022-29605

Опубликовано: 20 апр. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of an intent into an OpenFlow 1.0 switch that does not support IPv6. Improper handling of the difference in capabilities of the intent and switch is misleading to a network operator.

Ссылки

https://wiki.onosproject.org/display/ONOS/Intent+Framework
Product
https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf
Exploit
Technical Description
Third Party Advisory
https://wiki.onosproject.org/display/ONOS/Intent+Framework
Product
https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opennetworking:onos:2.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00087

Низкий

7.5 High

CVSS3

Дефекты

CWE-670

CWE-670

Связанные уязвимости

GHSA-wq7p-5x5c-phqr

CVSS3: 7.5

github

почти 3 года назад

An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of an intent into an OpenFlow 1.0 switch that does not support IPv6. Improper handling of the difference in capabilities of the intent and switch is misleading to a network operator.

EPSS

Процентиль: 25%

0.00087

Низкий

7.5 High

CVSS3

Дефекты

CWE-670

CWE-670