Lucene search

GoogleOSV:CVE-2022-29608

HistoryApr 20, 2023 - 1:15 p.m.

CVE-2022-29608

2023-04-2013:15:07

Google

osv.dev

onos

network loop

vulnerability

software

cve-2022-29608

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

59.1%

JSON

An issue was discovered in ONOS 2.5.1. An intent with a port that is an intermediate point of its path installs an invalid flow rule, causing a network loop.

CPENameOperatorVersion
onoseq1.3.0-rc1
onoseq1.4.0-rc3
onoseq1.10.0-rc1
onoseq2.5.1-rc1
onoseq1.11.0-b4
onoseq1.1.0-rc2
onoseq1.14.0-rc1
onoseq1.4.0
onoseq1.12.0-b2
onoseq1.7.0-rc2

Name	Operator	Version
onos	eq	1.3.0-rc1
onos	eq	1.4.0-rc3
onos	eq	1.10.0-rc1
onos	eq	2.5.1-rc1
onos	eq	1.11.0-b4
onos	eq	1.1.0-rc2
onos	eq	1.14.0-rc1
onos	eq	1.4.0
onos	eq	1.12.0-b2
onos	eq	1.7.0-rc2

Rows per page:

1-10 of 481

References

wiki.onosproject.org/display/ONOS/Intent+Framework

www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

59.1%

JSON

Related for OSV:CVE-2022-29608