CVE-2018-12691

Time-of-check to time-of-use (TOCTOU) race condition in org.onosproject.acl (aka the access control application) in ONOS v1.13 and earlier allows attackers to bypass network access control via data plane packet injection.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:onosproject:onos:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-07-05 18:29

Updated : 2024-02-04 19:46


NVD link : CVE-2018-12691

Mitre link : CVE-2018-12691

CVE.ORG link : CVE-2018-12691


JSON object : View

Products Affected

onosproject

  • onos
CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')