Strix
26.1K

CVE-2019-1010245

UnknownEPSS 3.61%

Last modified

CVE-2019-1010245 is a vulnerability of currently unknown severity. The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. The impact is: A remote attacker can execute arbitrary commands on the controller. EPSS estimates a 3.61% chance of exploitation in the next 30 days.

Description

The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. The impact is: A remote attacker can execute arbitrary commands on the controller. The component is: apps/yang/src/main/java/org/onosproject/yang/impl/YangLiveCompilerManager.java. The attack vector is: network connectivity. The fixed version is: 1.15.

Metrics

EPSS Probability
3.61%

88.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
LinuxfoundationOpen Network Operating System<= 1.15

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2019-1010245?
The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. The impact is: A remote attacker can execute arbitrary commands on the controller. The component is: apps/yang/src/main/java/org/onosproject/yang/impl/YangLiveCompilerManager.java. The attack vector is: network connectivity. The fixed version is: 1.15.
How severe is CVE-2019-1010245?
Severity scoring for CVE-2019-1010245 is pending analysis. The EPSS model estimates a 3.61% probability of exploitation in the next 30 days.
How do I fix CVE-2019-1010245?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-1010245?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST