Vulnerability Description
The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: applyFlowRules() and apply() functions in FlowRuleManager.java. The attack vector is: network management and connectivity.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linuxfoundation | Open Network Operating System | <= 2.0.0 |
Related Weaknesses (CWE)
References
- https://drive.google.com/open?id=1HtdRdf88Nv3RNeQJM9fQ6egY5X-tuewDExploitThird Party Advisory
- https://drive.google.com/open?id=1ce1uqcJYI-sEENGbPmmw-uJTwCXTUyJnExploitThird Party Advisory
- https://drive.google.com/open?id=1HtdRdf88Nv3RNeQJM9fQ6egY5X-tuewDExploitThird Party Advisory
- https://drive.google.com/open?id=1ce1uqcJYI-sEENGbPmmw-uJTwCXTUyJnExploitThird Party Advisory
FAQ
What is CVE-2019-1010252?
CVE-2019-1010252 is a vulnerability with a CVSS score of 4.9 (MEDIUM). The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The ...
How severe is CVE-2019-1010252?
CVE-2019-1010252 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-1010252?
Check the references section above for vendor advisories and patch information. Affected products include: Linuxfoundation Open Network Operating System.