exploitDog

CVE-2022-29609

Опубликовано: 20 апр. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the INSTALLING state, indicating that its flow rules are installing. Improper handling of such an intent is misleading to a network operator.

Ссылки

https://wiki.onosproject.org/display/ONOS/Intent+Framework
Product
https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf
Exploit
Technical Description
Third Party Advisory
https://wiki.onosproject.org/display/ONOS/Intent+Framework
Product
https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opennetworking:onos:2.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00087

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-670

CWE-670

Связанные уязвимости

GHSA-5fqf-3hpp-7g3x

CVSS3: 5.3

github

почти 3 года назад

An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the INSTALLING state, indicating that its flow rules are installing. Improper handling of such an intent is misleading to a network operator.

EPSS

Процентиль: 25%

0.00087

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-670

CWE-670