Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-24817

Malware in sbrugna...

6.5CVSS6.5AI score0.00848EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 1:16 a.m.10 views

CVE-2022-29607

An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source and destination shows the INSTALLED state without any flow rule. Improper handling of such an intent is misleading to a network operator...

7.5CVSS6.8AI score0.00668EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:44 p.m.10 views

CVE-2022-29606

An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state, which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent and flow rules in the network...

9.8CVSS6.8AI score0.00987EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 p.m.12 views

CVE-2021-38363

An issue was discovered in ONOS 2.5.1. In IntentManager, the install-requested intent which causes an exception remains in pendingMap in memory forever. Deletion is possible neither by a user nor by the intermittent Intent Cleanup process...

7.5CVSS6.8AI score0.00654EPSS
Exploits1
NVD
NVD
added 2023/04/20 1:15 p.m.25 views

CVE-2022-29606

An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state, which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent and flow rules in the network...

9.8CVSS9.4AI score0.00987EPSS
Exploits1References2
Prion
Prion
added 2023/04/20 1:15 p.m.16 views

Input validation

An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of an intent into an OpenFlow 1.0 switch that does not support IPv6. Improper handling of the difference in capabilities of the intent and switch is misleading to a network operator...

5CVSS7.5AI score0.00654EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/04/20 1:15 p.m.15 views

Input validation

An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT state, which is misleading to a network operator. Improper handling of case sensitivity causes inconsistency between intent and flow rules in the network...

7.5CVSS9.2AI score0.01007EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/04/20 1:15 p.m.16 views

Design/Logic Flaw

An issue was discovered in ONOS 2.5.1. The purge-requested intent remains on the list, but it does not respond to changes in topology e.g., link failure. In combination with other applications, it could lead to a failure of network management...

5CVSS7.4AI score0.00863EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/04/20 1:15 p.m.14 views

Code injection

An issue was discovered in ONOS 2.5.1. To attack an intent installed by a normal user, a remote attacker can install a duplicate intent with a different key, and then remove the duplicate one. This will remove the flow rules of the intent, even though the intent still exists in the controller...

6.4CVSS6.5AI score0.00855EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/04/20 1:15 p.m.21 views

Input validation

An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the INSTALLING state, indicating that its flow rules are installing. Improper handling of such an intent is misleading to a network operator...

5CVSS5.3AI score0.00567EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/04/20 12:0 a.m.56 views

CVE-2021-38364

CVE-2021-38364 affects ONOS 2.5.1, where an incorrect comparison of flow rules installed by intents can let a remote attacker install or remove an intent and consequently modify or delete flow rules related to other intents. The consequence is unintended modification of flow state managed by the ...

6.5CVSS6.4AI score0.00848EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/20 12:0 a.m.9 views

CVE-2021-38363

An issue was discovered in ONOS 2.5.1. In IntentManager, the install-requested intent which causes an exception remains in pendingMap in memory forever. Deletion is possible neither by a user nor by the intermittent Intent Cleanup process...

7.5AI score0.00654EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/04/20 12:0 a.m.9 views

CVE-2022-29608

An issue was discovered in ONOS 2.5.1. An intent with a port that is an intermediate point of its path installs an invalid flow rule, causing a network loop...

7.5AI score0.00874EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/04/20 12:0 a.m.10 views

CVE-2022-24109

An issue was discovered in ONOS 2.5.1. To attack an intent installed by a normal user, a remote attacker can install a duplicate intent with a different key, and then remove the duplicate one. This will remove the flow rules of the intent, even though the intent still exists in the controller...

6.9AI score0.00855EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/04/20 12:0 a.m.12 views

CVE-2022-29607

An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source and destination shows the INSTALLED state without any flow rule. Improper handling of such an intent is misleading to a network operator...

7.5AI score0.00668EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/04/20 12:0 a.m.9 views

CVE-2022-29605

An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of an intent into an OpenFlow 1.0 switch that does not support IPv6. Improper handling of the difference in capabilities of the intent and switch is misleading to a network operator...

7.5AI score0.00654EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/04/20 12:0 a.m.13 views

CVE-2022-29606

An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state, which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent and flow rules in the network...

9.4AI score0.00987EPSS
Exploits1References2
CVE
CVE
added 2023/04/20 12:0 a.m.40 views

CVE-2022-29604

ONOS 2.5.1 is affected: an intent with an uppercase device ID can enter a CORRUPT state due to case-sensitivity mishandling, causing inconsistency between intent and flow rules. The connected documents reiterate the issue but do not provide a concrete fix or remediation details. No further exploi...

9.8CVSS9.2AI score0.01007EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder