CVE-2022-29607

high

Description

An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source and destination shows the INSTALLED state without any flow rule. Improper handling of such an intent is misleading to a network operator.

References

https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf

https://wiki.onosproject.org/display/ONOS/Intent+Framework

Details

Source: Mitre, NVD

Published: 2023-04-20

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N