ONOS LLDP Packet Vulnerability Leading to Private Key Exposure

Vulnerability

A vulnerability in the Link Layer Discovery Protocol (LLDP) packets used in ONOS version 2.7.0 allows attackers to obtain private keys through a brute-force attack. Exploitation of this vulnerability involves creating and sending crafted LLDP packets.

Impact

Successful exploitation allows attackers to retrieve private keys, which could potentially be used to compromise cryptographic operations or authentication mechanisms.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

5.8

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

5.8

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ONOS LLDP Packet Vulnerability Leading to Private Key Exposure

Vulnerability

Impact

Affected Products

ONOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating