CVE-2018-1000615

ONOS ONOS Controller version 1.13.1 and earlier contains a Denial of Service (Service crash) vulnerability in OVSDB component in ONOS that can result in An adversary can remotely crash OVSDB service ONOS controller via a normal switch.. This attack appear to be exploitable via the attacker should be able to control or forge a switch in the network..
References
Link Resource
http://gms.cl0udz.com/OVSDB_DOS.pdf Exploit Third Party Advisory
https://gerrit.onosproject.org/#/c/18926/ Issue Tracking Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:onosproject:onos:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-07-09 20:29

Updated : 2024-02-04 19:46


NVD link : CVE-2018-1000615

Mitre link : CVE-2018-1000615

CVE.ORG link : CVE-2018-1000615


JSON object : View

Products Affected

onosproject

  • onos