Known Vulnerabilities for products from Opennetworking
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Opennetworking".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-24279 json | A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers ... | 6.1 - MEDIUM | 2023-03-14 | 2023-03-22 |
| CVE-2022-29944 json | An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by intents. An existing intents do... | 5.3 - MEDIUM | 2023-04-20 | 2023-05-03 |
| CVE-2022-29609 json | An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the INSTALLING state, indicating ... | 5.3 - MEDIUM | 2023-04-20 | 2023-05-03 |
| CVE-2022-29608 json | An issue was discovered in ONOS 2.5.1. An intent with a port that is an intermediate point of its path installs an invalid fl... | 7.5 - HIGH | 2023-04-20 | 2023-05-03 |
| CVE-2022-29607 json | An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source and destination shows the I... | 7.5 - HIGH | 2023-04-20 | 2023-05-03 |
| CVE-2022-29606 json | An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state, which is misleading to a n... | 9.8 - CRITICAL | 2023-04-20 | 2023-05-03 |
| CVE-2022-29605 json | An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of an intent into an OpenFlow 1.... | 7.5 - HIGH | 2023-04-20 | 2023-05-04 |
| CVE-2022-29604 json | An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT state, which is mi... | 9.8 - CRITICAL | 2023-04-20 | 2023-05-04 |
| CVE-2022-24109 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-04-20 | 2023-05-04 |
| CVE-2022-24035 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-04-20 | 2023-05-04 |
| CVE-2021-38364 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-04-20 | 2023-05-04 |
| CVE-2021-38363 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-04-20 | 2023-05-04 |
| CVE-2019-11189 json | Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) in ONO... | 7.5 - HIGH | 2020-02-20 | 2020-02-28 |
| CVE-2018-1999020 json | Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core... | 5.5 - MEDIUM | 2018-07-23 | 2018-09-20 |
| CVE-2018-1000155 json | OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in OpenFlow handshake: The... | 9.8 - CRITICAL | 2018-05-24 | 2019-10-03 |