CVE-2022-29609

Name of the Vulnerable Software and Affected Versions ONOS version 2.5.1

Description An issue was discovered in ONOS where an intent with the same source and destination shows the INSTALLING state, indicating that its flow rules are installing. Improper handling of such an intent is misleading to a network operator.

Recommendations For ONOS version 2.5.1, as a temporary workaround, consider restricting the handling of intents with the same source and destination to minimize the risk of misleading network operators. At the moment, there is no information about a newer version that contains a fix for this issue.