HIGH🇬🇧 English

CVE-2018-1000615

CVSS 7.5v3.0pub. 2018-07-09upd. 2024-11-21

ONOS ONOS Controller version 1.13.1 and earlier contains a Denial of Service (Service crash) vulnerability in OVSDB component in ONOS that can result in An adversary can remotely crash OVSDB service ONOS controller via a normal switch.. This attack appear to be exploitable via the attacker should be able to control or forge a switch in the network..

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Onosproject Onos

    APP
    Onosproject
    ≤ 1.13.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2019-13624CRITICAL9.8ten sam produkt

In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java mishandles backquote...

CVE-2018-1000614CRITICAL9.8ten sam produkt

ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in provider...

CVE-2018-1000616CRITICAL9.8ten sam produkt

ONOS ONOS controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in onos\dri...

CVE-2017-1000081CRITICAL9.8ten sam produkt

Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote...

CVE-2017-13763HIGH7.5ten sam produkt

ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size ...

CVE-2018-1000615 — HIGH 7.5 | CVEbaza.pl