CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-1010234

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0000%
EPSS Percentile32.18th
Published2019年7月22日
Last Modified2024年11月21日

Vulnerability Description

The Linux Foundation ONOS 1.15.0 and ealier is affected by: Improper Input Validation. The impact is: The attacker can remotely execute any commands by sending malicious http request to the controller. The component is: Method runJavaCompiler in YangLiveCompilerManager.java. The attack vector is: network connectivity.

Affected Platforms (CPE)

💻
Linuxfoundation

Open Network Operating System

<= 1.15.0

References & Advisories

🔗 https://drive.google.com/file/d/1OkMtrMgjjINsDUQwxpGxjbATB6hiwqyv/view?usp=sharing
🔗 https://drive.google.com/file/d/1OkMtrMgjjINsDUQwxpGxjbATB6hiwqyv/view?usp=sharing

関連する脆弱性情報

CVE-2021-212578.2

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite impleme...

CVE-2019-162987.5

An issue was discovered in Open Network Operating System (ONOS) 1.14. In the virtual broadband network gateway application (org.on...

CVE-2019-162997.5

An issue was discovered in Open Network Operating System (ONOS) 1.14. In the mobility application (org.onosproject.mobility), the ...

CVE-2019-162977.5

An issue was discovered in Open Network Operating System (ONOS) 1.14. In the P4 tutorial application (org.onosproject.p4tutorial),...