CVE-2022-24035

Name of the Vulnerable Software and Affected Versions ONOS version 2.5.1

Description An issue was discovered where the purge-requested intent remains on the list but does not respond to changes in topology, such as link failure. In combination with other applications, this could lead to a failure of network management.

Recommendations For ONOS version 2.5.1, as a temporary workaround, consider disabling the purge-requested intent functionality until a patch is available. Restrict access to the intent list to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.