Description
ONOS ONOS Controller version 1.13.1 and earlier contains a Denial of Service (Service crash) vulnerability in OVSDB component in ONOS that can result in An adversary can remotely crash OVSDB service ONOS controller via a normal switch.. This attack appear to be exploitable via the attacker should be able to control or forge a switch in the network..
Remediation
References
https://gerrit.onosproject.org/#/c/18926/
http://gms.cl0udz.com/OVSDB_DOS.pdf
Related Vulnerabilities
CVE-2021-23376 Vulnerability in npm package ffmpegdotjs
CVE-2021-26272 Vulnerability in npm package ckeditor4-dev
CVE-2022-37734 Vulnerability in maven package com.graphql-java:graphql-java
CVE-2016-3088 Vulnerability in maven package org.apache.activemq:apache-activemq
CVE-2022-25898 Vulnerability in maven package org.webjars.bower:jsrsasign