CVE-2019-1010234

2019-07-2214:58:04

dwf

www.cve.org

9.7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.0%

JSON

The Linux Foundation ONOS 1.15.0 and ealier is affected by: Improper Input Validation. The impact is: The attacker can remotely execute any commands by sending malicious http request to the controller. The component is: Method runJavaCompiler in YangLiveCompilerManager.java. The attack vector is: network connectivity.

CNA Affected

[
  {
    "product": "ONOS",
    "vendor": "The Linux Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.0 and ealier"
      }
    ]
  }
]

References

drive.google.com/file/d/1OkMtrMgjjINsDUQwxpGxjbATB6hiwqyv/view?usp=sharing