Misleading Handling of IPv6 Capability in ONOS 2.5.1

Misleading Handling of IPv6 Capability in ONOS 2.5.1

CVE-2022-29605 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of an intent into an OpenFlow 1.0 switch that does not support IPv6. Improper handling of the difference in capabilities of the intent and switch is misleading to a network operator.

Learn more about our Network Penetration Testing.