CVE-2024-48809

An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a remote attacker to cause a denial of service via the onos-a1t component of the sdran-in-a-box, specifically the DeleteWatcher function.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:aetherproject:onos-a1t:0.2.3:*:*:*:*:*:*:*
cpe:2.3:a:aetherproject:sdran-in-a-box:1.4.3:*:*:*:*:*:*:*

History

06 Nov 2024, 19:33

Type Values Removed Values Added
References () https://gist.github.com/bergen876/5a21f78e266c12aa2586beb2178443b0 - () https://gist.github.com/bergen876/5a21f78e266c12aa2586beb2178443b0 - Third Party Advisory
References () https://github.com/onosproject/sdran-in-a-box/issues/206 - () https://github.com/onosproject/sdran-in-a-box/issues/206 - Exploit, Issue Tracking
CPE cpe:2.3:a:aetherproject:sdran-in-a-box:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:aetherproject:onos-a1t:0.2.3:*:*:*:*:*:*:*
First Time Aetherproject
Aetherproject onos-a1t
Aetherproject sdran-in-a-box

05 Nov 2024, 22:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
Summary
  • (es) Un problema en Open Networking Foundations sdran-in-a-box v.1.4.3 y onos-a1t v.0.2.3 permite a un atacante remoto provocar una denegación de servicio a través del componente onos-a1t de sdran-in-a-box, específicamente la función DeleteWatcher.
CWE CWE-770

04 Nov 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-04 17:15

Updated : 2024-11-06 19:33


NVD link : CVE-2024-48809

Mitre link : CVE-2024-48809

CVE.ORG link : CVE-2024-48809


JSON object : View

Products Affected

aetherproject

  • sdran-in-a-box
  • onos-a1t
CWE
CWE-770

Allocation of Resources Without Limits or Throttling