Onos Security Vulnerabilities and Issues — Onos CVE List

Lucene search

OpennetworkingOnos

5 matches found

CVE•added 2025/03/24 9:15 p.m.•59 views

CVE-2025-29310

An issue in onos v2.7.0 allows attackers to trigger a packet deserialization problem when supplying a crafted LLDP packet. This vulnerability allows attackers to execute arbitrary commands or access network information.

9.8CVSS7.9AI score0.00052EPSS

CVE•added 2025/03/24 9:15 p.m.•55 views

CVE-2025-29311

Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets.

7.5CVSS6.8AI score0.00056EPSS

CVE•added 2025/05/29 6:15 p.m.•53 views

CVE-2023-41591

An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses and potentially execute a man-in-the-middle attack on communications between fake and real hosts.

9.8CVSS7AI score0.0005EPSS

CVE•added 2025/03/24 9:15 p.m.•53 views

CVE-2025-29312

An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct.

9.1CVSS7AI score0.00099EPSS

CVE•added 2025/05/29 6:15 p.m.•41 views

CVE-2024-53423

An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted packets.

5.6CVSS6.8AI score0.00033EPSS