exploitDog

CVE-2022-29607

Опубликовано: 20 апр. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source and destination shows the INSTALLED state without any flow rule. Improper handling of such an intent is misleading to a network operator.

Ссылки

https://wiki.onosproject.org/display/ONOS/Intent+Framework
Product
https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf
Exploit
Technical Description
Third Party Advisory
https://wiki.onosproject.org/display/ONOS/Intent+Framework
Product
https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opennetworking:onos:2.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00087

Низкий

7.5 High

CVSS3

Дефекты

CWE-670

CWE-670

Связанные уязвимости

GHSA-m4j6-f6gp-xcm3

CVSS3: 7.5

github

почти 3 года назад

An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source and destination shows the INSTALLED state without any flow rule. Improper handling of such an intent is misleading to a network operator.

EPSS

Процентиль: 25%

0.00087

Низкий

7.5 High

CVSS3

Дефекты

CWE-670

CWE-670