CVE-2022-29606

An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state, which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent and flow rules in the network...

Open Networking Foundation ONOS 输入验证错误漏洞

Open Networking Foundation ONOS is an open source SDN controller from Open Networking Foundation open source. It is used to build next-generation SDN/NFV solutions. A security vulnerability exists in Open Networking Foundation ONOS version 2.5.1, which stems from the fact that intents with large...

PT-2023-12981 · Onos · Onos

Name of the Vulnerable Software and Affected Versions: ONOS version 2.5.1 Description: An issue was discovered where an intent with a large port number shows the CORRUPT state, which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent an...

The vulnerability of the OpenSSL library, which allows a hacker to trigger a service failure

The vulnerability of the Anti-Replay function in the DTLS library of OpenSSL is related to the incorrect use of large port numbers. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures using fake DTLS records...