CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2019/07/22 2:58 p.m.•19 views

CVE-2019-1010234

The Linux Foundation ONOS 1.15.0 and ealier is affected by: Improper Input Validation. The impact is: The attacker can remotely execute any commands by sending malicious http request to the controller. The component is: Method runJavaCompiler in YangLiveCompilerManager.java. The attack vector is:...

9.7AI score0.0167EPSS

Exploits1References1

NVD•added 2019/07/19 3:15 p.m.•15 views

CVE-2019-1010245

The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. The impact is: A remote attacker can execute arbitrary commands on the controller. The component is: apps/yang/src/main/java/org/onosproject/yang/impl/YangLiveCompilerManager.java. The...

9.8CVSS9.8AI score0.03612EPSS

Prion•added 2019/07/19 3:15 p.m.•13 views

Input validation

7.5CVSS9.7AI score0.03612EPSS

Cvelist•added 2019/07/19 2:23 p.m.•20 views

CVE-2019-1010245

9.8AI score0.03612EPSS

NVD•added 2019/07/18 6:15 p.m.•20 views

CVE-2019-1010249

NVD•added 2019/07/18 6:15 p.m.•15 views

CVE-2019-1010252

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: applyFlowRules and apply functions in FlowRuleManager.java. The attack vector is:...

Prion•added 2019/07/18 6:15 p.m.•12 views

Integer overflow

Prion•added 2019/07/18 6:15 p.m.•14 views

Input validation

Prion•added 2019/07/18 6:15 p.m.•19 views

Input validation

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The...

Cvelist•added 2019/07/18 5:53 p.m.•22 views

CVE-2019-1010249

5.2AI score0.01059EPSS

Cvelist•added 2019/07/18 5:51 p.m.•11 views

CVE-2019-1010250

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The...

5.2AI score0.01059EPSS

CNVD•added 2017/08/02 12:0 a.m.•2 views

Linux foundation ONOS Denial of Service Vulnerability

Linux foundation ONOS is an open source SDN network operating system maintained by the Linux Foundation and the ONOS community. A denial of service vulnerability exists in Linux foundation ONOS version 1.9.0. An attacker could exploit this vulnerability to cause a denial of service...

7.5CVSS6.5AI score0.01296EPSS

CNVD•added 2017/08/02 12:0 a.m.•2 views

Linux foundation ONOS cross-site scripting vulnerability

Linux foundation ONOS is an open source SDN network operating system maintained by the Linux Foundation and the ONOS community. A cross-site scripting vulnerability exists in device registration in Linux foundation ONOS version 1.9. A remote attacker can exploit this vulnerability to inject...

6.1CVSS6.1AI score0.00728EPSS

CNVD•added 2017/08/02 12:0 a.m.•4 views

Linux foundation ONOS privilege access vulnerability (CNVD-2017-19578)

Linux foundation ONOS is an open source SDN network operating system maintained by the Linux Foundation and the ONOS community. A security vulnerability exists in Linux foundation ONOS version 1.9.0. An attacker can exploit the vulnerability to use the websocket protocol without authentication...

7.5CVSS6.7AI score0.01049EPSS

NVD•added 2017/07/17 1:18 p.m.•15 views

CVE-2017-1000078

Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration...

6.1CVSS6AI score0.00728EPSS

NVD•added 2017/07/17 1:18 p.m.•10 views

CVE-2017-1000079

Linux foundation ONOS 1.9.0 is vulnerable to a DoS...

7.5CVSS7.5AI score0.01296EPSS