Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) in ONOS v2.0 and earlier allows attackers to bypass network access control via data plane packet injection. To exploit the vulnerability, an attacker sends a gratuitous ARP reply that causes the host mobility application to remove existing access control flow denial rules in the network. The access control application does not re-install flow deny rules, so the attacker can bypass the intended access control policy.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ONOS 安全漏洞
Vulnerability Description
ONOS是美国Linux基金会的一套开源的SDN网络操作系统。 ONOS v2.0及之前版本中存在安全漏洞。攻击者可通过注入网络层数据包利用该漏洞绕过访问控制策略。
CVSS Information
N/A
Vulnerability Type
N/A