CVE-2022-29604 Information

Description

An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT state which is misleading to a network operator. Improper handling of case sensitivity causes inconsistency between intent and flow rules in the network.

Reference

https://wiki.onosproject.org/display/ONOS/Intent+Framework https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf