232 matches found
GHSA-HV38-H5PJ-C96J OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) allows follower controller to set up flow entries
In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...
GHSA-46HR-3CQ3-MCGP OpenDaylight Authentication, Authorization and Accounting (AAA) peer impersonation vulnerability
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...
OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) allows follower controller to set up flow entries
In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...
OpenDaylight Authentication, Authorization and Accounting (AAA) peer impersonation vulnerability
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...
CVE-2024-46942
In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...
CVE-2024-46943
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...
CVE-2024-46942
In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...
CVE-2024-46943
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...
CVE-2024-46942
CVE-2024-46942 affects OpenDaylight MD-SAL up to version 13.0.1, where a controller with a follower role can configure flow entries in a clustering deployment. This is documented across multiple sources (Red Hat advisory, Veracode entry, GHSA, OSV, CVE lists). The underlying issue is improper enf...
OpenDaylight 安全漏洞
OpenDaylight ODL is an open source SDN controller open sourced by OpenDaylight. A security vulnerability exists in OpenDaylight 0.19.3 and earlier versions that stems from the fact that a malicious controller can join a cluster to impersonate an offline peer node, even if the malicious controller...
PT-2024-32291 · Opendaylight · Opendaylight Md-Sal
Name of the Vulnerable Software and Affected Versions: OpenDaylight Model-Driven Service Abstraction Layer MD-SAL versions through 13.0.1 Description: A controller with a follower role can configure flow entries in an OpenDaylight clustering deployment. Recommendations: For OpenDaylight...
CVE-2024-46942
In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...
CVE-2024-46942
In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...
CVE-2024-46943
CVE-2024-46943 affects the OpenDaylight Authentication, Authorization and Accounting (AAA) component, with vulnerable versions up to 0.19.3. A rogue controller can join a cluster and impersonate an offline peer even without complete cluster configuration information. Multiple connected sources re...
CVE-2024-46943
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...
OpenDaylight 安全漏洞
OpenDaylight ODL is an open source SDN controller from OpenDaylight Open Source. A security vulnerability exists in OpenDaylight Model-Driven Service Abstraction Layer MD-SAL version 13.0.1 and earlier, which stems from the fact that controllers with the follower role can configure flow entries i...
CVE-2024-46943
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...
PT-2024-32292 · Opendaylight · Opendaylight Authentication
Name of the Vulnerable Software and Affected Versions: OpenDaylight Authentication, Authorization and Accounting AAA versions through 0.19.3 Description: An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA. A rogue controller can join a cluster to impersonate ...
RHEL 8 : opendaylight (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jackson-databind: Serialization gadgets in classes of the ehcache package CVE-2019-17267 - A flaw was...
RHEL 7 : opendaylight (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - plexus-utils: Mishandled strings in Commandline class allow for command injection CVE-2017-1000487 Note that Nessus...