CyberSec.Space Logo
Back to CVE Browser

CVE-2019-1010245

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1910%
EPSS Percentile14.63th
PublishedJul 19, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. The impact is: A remote attacker can execute arbitrary commands on the controller. The component is: apps/yang/src/main/java/org/onosproject/yang/impl/YangLiveCompilerManager.java. The attack vector is: network connectivity. The fixed version is: 1.15.

Affected Platforms (CPE)

πŸ’»
Linuxfoundation

Open Network Operating System

<= 1.15

References & Advisories

πŸ”— https://drive.google.com/open?id=1OkMtrMgjjINsDUQwxpGxjbATB6hiwqyv
πŸ”— https://gerrit.onosproject.org/#/c/20767/
πŸ”— https://drive.google.com/open?id=1OkMtrMgjjINsDUQwxpGxjbATB6hiwqyv
πŸ”— https://gerrit.onosproject.org/#/c/20767/

Related Vulnerabilities

CVE-2021-212578.2

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite impleme...

CVE-2019-162987.5

An issue was discovered in Open Network Operating System (ONOS) 1.14. In the virtual broadband network gateway application (org.on...

CVE-2019-162997.5

An issue was discovered in Open Network Operating System (ONOS) 1.14. In the mobility application (org.onosproject.mobility), the ...

CVE-2019-162977.5

An issue was discovered in Open Network Operating System (ONOS) 1.14. In the P4 tutorial application (org.onosproject.p4tutorial),...