Lucene search

PRIOn knowledge basePRION:CVE-2022-29606

HistoryApr 20, 2023 - 1:15 p.m.

Design/Logic Flaw

2023-04-2013:15:00

PRIOn knowledge base

www.prio-n.com

onos

network operator

port numbers

logic flaw

security document

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.4%

JSON

An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state, which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent and flow rules in the network.

CPENameOperatorVersion
onoseq2.5.1

CPE	Name	Operator	Version
	onos	eq	2.5.1

References

wiki.onosproject.org/display/ONOS/Intent+Framework

www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf