Primary

Context

Open Network Foundation ONOS Fake IP/MAC Address Vulnerability Allowing Man-in-the-Middle Attacks

Vulnerability

A vulnerability in Open Network Foundation ONOS version 2.7.0 allows attackers to generate fake IP and MAC addresses. This could lead to a man-in-the-middle attack, intercepting communications between real and fake hosts.

Impact

Exploitation of this vulnerability could allow for unauthorized interception and manipulation of network communications, creating a man-in-the-middle scenario between genuine and fabricated hosts.

Reproduction

To reproduce this vulnerability, send a crafted PACKET_OUT message with the egress port set to 255, which is the default controller port for BMv2 switches. This will create a fake IP/MAC address that can be used to intercept communications.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

5.0

exploitability

5.8

remediation

0.0

relevance

0.1

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

5.0

exploitability

5.8

remediation

0.0

relevance

0.1

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Open Network Foundation ONOS Fake IP/MAC Address Vulnerability Allowing Man-in-the-Middle Attacks

Vulnerability

Impact

Reproduction

Affected Products

Open Network Foundation ONOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating