Known Vulnerabilities for Onos by Opennetworking
Listed below are 10 of the newest known vulnerabilities associated with "Onos" by "Opennetworking".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-24279 json | A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers ... | 6.1 - MEDIUM | 2023-03-14 | 2023-03-22 |
| CVE-2022-29944 json | An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by intents. An existing intents do... | 5.3 - MEDIUM | 2023-04-20 | 2023-05-03 |
| CVE-2022-29609 json | An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the INSTALLING state, indicating ... | 5.3 - MEDIUM | 2023-04-20 | 2023-05-03 |
| CVE-2022-29608 json | An issue was discovered in ONOS 2.5.1. An intent with a port that is an intermediate point of its path installs an invalid fl... | 7.5 - HIGH | 2023-04-20 | 2023-05-03 |
| CVE-2022-29607 json | An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source and destination shows the I... | 7.5 - HIGH | 2023-04-20 | 2023-05-03 |
| CVE-2022-29606 json | An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state, which is misleading to a n... | 9.8 - CRITICAL | 2023-04-20 | 2023-05-03 |
| CVE-2022-29605 json | An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of an intent into an OpenFlow 1.... | 7.5 - HIGH | 2023-04-20 | 2023-05-04 |
| CVE-2022-29604 json | An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT state, which is mi... | 9.8 - CRITICAL | 2023-04-20 | 2023-05-04 |
| CVE-2022-24109 json | An issue was discovered in ONOS 2.5.1. To attack an intent installed by a normal user, a remote attacker can install a duplic... | 6.5 - MEDIUM | 2023-04-20 | 2023-05-04 |
| CVE-2022-24035 json | An issue was discovered in ONOS 2.5.1. The purge-requested intent remains on the list, but it does not respond to changes in ... | 7.5 - HIGH | 2023-04-20 | 2023-05-04 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Opennetworking | Onos | 2.2.0 | |||
| Application | Opennetworking | Onos | 2.1.0 | |||
| Application | Opennetworking | Onos | 2.0.0 | |||
| Application | Opennetworking | Onos | 1.9.2 | |||
| Application | Opennetworking | Onos | 1.9.0 | |||
| Application | Opennetworking | Onos | 1.8.9 | |||
| Application | Opennetworking | Onos | 1.8.7 | |||
| Application | Opennetworking | Onos | 1.8.6 | |||
| Application | Opennetworking | Onos | 1.8.5 | |||
| Application | Opennetworking | Onos | 1.8.4 | |||
| Application | Opennetworking | Onos | 1.8.3 | |||
| Application | Opennetworking | Onos | 1.8.2 | |||
| Application | Opennetworking | Onos | 1.8.0 | |||
| Application | Opennetworking | Onos | 1.7.1 | |||
| Application | Opennetworking | Onos | 1.7.0 | |||
| Application | Opennetworking | Onos | 1.6.0 | |||
| Application | Opennetworking | Onos | 1.5.1 | |||
| Application | Opennetworking | Onos | 1.5.0 | |||
| Application | Opennetworking | Onos | 1.4.0 | |||
| Application | Opennetworking | Onos | 1.3.0 |