CVE-2022-29605
First published: Thu Apr 20 2023(Updated: )
An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of an intent into an OpenFlow 1.0 switch that does not support IPv6. Improper handling of the difference in capabilities of the intent and switch is misleading to a network operator.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ONF SD-RAN ONOS | =2.5.1 | |
| =2.5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-29605?
CVE-2022-29605 has a medium severity rating due to improper handling of network device capabilities.
How do I fix CVE-2022-29605?
To fix CVE-2022-29605, ensure that your ONOS 2.5.1 installation does not attempt to install IPv6 flow rules on switches that do not support IPv6.
What is affected by CVE-2022-29605?
CVE-2022-29605 affects ONOS version 2.5.1, particularly its IntentManager component.
What types of network devices are impacted by CVE-2022-29605?
CVE-2022-29605 impacts OpenFlow 1.0 switches that lack IPv6 support.
Who is affected by CVE-2022-29605?
Network operators using ONOS 2.5.1 may be misled about the capabilities of their network devices due to CVE-2022-29605.
- agent/references
- agent/type
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/opennetworking
- canonical/onf sd-ran onos
- version/onf sd-ran onos/2.5.1