CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-29604

An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT state, which is misleading to a network operator. Improper handling of case sensitivity causes inconsistency between intent and flow rules in the network.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.9%

CVSS Severity

CVSS v3 Score 9.8

References

https://wiki.onosproject.org/display/ONOS/Intent+Framework
https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf
https://wiki.onosproject.org/display/ONOS/Intent+Framework
https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf

Products affected by CVE-2022-29604

Opennetworking » Onos » Version: 2.5.1

cpe:2.3:a:opennetworking:onos:2.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29604

Products

Pricing

Contact Us