Lucene search
K

232 matches found

CVE
CVE
added 2017/03/20 4:0 p.m.47 views

CVE-2015-1610

CVE-2015-1610 affects the OpenDaylight l2switch component (hosttracker). The issue, described as topology spoofing, allows remote attackers to change host location information by spoofing a MAC address. Relevant sources (NVD, CVE listing, CNVD, PRION, CVELIST) confirm the vulnerability and descri...

5.3CVSS5.2AI score0.01438EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/03/20 4:0 p.m.20 views

CVE-2015-1610

hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing."...

5.2AI score0.01438EPSS
Exploits0References3
n0where
n0where
added 2016/12/19 5:38 a.m.35 views

SDN Security Evaluation Framework: DELTA

DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique. Agent-Manager is the control tower. It takes full control over all...

7.7AI score
Exploits0References1
CNVD
CNVD
added 2015/03/23 12:0 a.m.5 views

OpenDaylight OpenFlow plugin security bypass vulnerability (CNVD-2015-01911)

Opendaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security bypass vulnerability exists in the...

7.5CVSS6.6AI score0.02073EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/23 12:0 a.m.5 views

OpenDaylight Helium Authentication Bypass Vulnerability

Opendaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. An authentication bypass vulnerability exists i...

9.8CVSS7AI score0.02749EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/23 12:0 a.m.5 views

OpenDaylight l2switch Security Bypass Vulnerability

Opendaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security bypass vulnerability exists in...

5.3CVSS6.6AI score0.01438EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/23 12:0 a.m.5 views

OpenDaylight OpenFlow Plugin Security Bypass Vulnerability

Opendaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security bypass vulnerability exists in the...

7.5CVSS6.6AI score0.02073EPSS
Exploits0References1
NVD
NVD
added 2014/08/26 2:55 p.m.16 views

CVE-2014-5035

The Netconf TCP service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity XXE issue...

6.8CVSS6.7AI score0.02486EPSS
Exploits0References4
Prion
Prion
added 2014/08/26 2:55 p.m.16 views

Xxe

The Netconf TCP service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity XXE issue...

6.8CVSS7.2AI score0.02486EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2014/08/26 2:0 p.m.47 views

CVE-2014-5035

The CVE-2014-5035 issue affects OpenDaylight 1.0 Netconf (TCP) service. It allows remote attackers to read arbitrary files via an XML External Entity (XXE) in conjunction with an entity reference inside an XML-RPC message, causing information disclosure. Root cause is processing of external entit...

6.8CVSS6.9AI score0.02486EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/08/26 2:0 p.m.24 views

CVE-2014-5035

The Netconf TCP service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity XXE issue...

6.7AI score0.02486EPSS
Exploits0References4
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.67 views

CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service

Title =================== Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf TCP Service Summary =================== Opendaylight www.opendaylight.com is vulnerable to Local and Remote File Inclusion in the Netconf TCP Service via an External Entity Injection XXE...

6.8CVSS1.8AI score0.02486EPSS
Exploits0
Rows per page
Query Builder