Vulnerabilities > Opennetworking > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-20 CVE-2021-38364 Incorrect Comparison vulnerability in Opennetworking Onos 2.5.1
An issue was discovered in ONOS 2.5.1.
network
low complexity
opennetworking CWE-697
6.5
2023-04-20 CVE-2022-24109 Resource Exhaustion vulnerability in Opennetworking Onos 2.5.1
An issue was discovered in ONOS 2.5.1.
network
low complexity
opennetworking CWE-400
6.5
2023-04-20 CVE-2022-29609 Always-Incorrect Control Flow Implementation vulnerability in Opennetworking Onos 2.5.1
An issue was discovered in ONOS 2.5.1.
network
low complexity
opennetworking CWE-670
5.3
2023-04-20 CVE-2022-29944 Incorrect Comparison vulnerability in Opennetworking Onos 2.5.1
An issue was discovered in ONOS 2.5.1.
network
low complexity
opennetworking CWE-697
5.3
2023-03-14 CVE-2023-24279 Cross-site Scripting vulnerability in Opennetworking Onos
A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.
network
low complexity
opennetworking CWE-79
6.1
2020-02-20 CVE-2019-11189 Authentication Bypass by Spoofing vulnerability in Opennetworking Onos
Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) in ONOS v2.0 and earlier allows attackers to bypass network access control via data plane packet injection.
network
low complexity
opennetworking CWE-290
5.0
2018-07-23 CVE-2018-1999020 Path Traversal vulnerability in Opennetworking Onos
Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java line 35 that can result in arbitrary file deletion (overwrite).
5.8