CVE-2021-38364 Information

Description

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed by intents. A remote attacker can install or remove a new intent and consequently modify or delete the existing flow rules related to other intents.

Reference

https://opennetworking.org/onos/ https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf