Lucene search
K

232 matches found

OSV
OSV
added 2024/09/16 2:37 p.m.10 views

GHSA-HV38-H5PJ-C96J OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) allows follower controller to set up flow entries

In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...

7.1CVSS6.4AI score0.00443EPSS
Exploits0References5
OSV
OSV
added 2024/09/16 2:37 p.m.13 views

GHSA-46HR-3CQ3-MCGP OpenDaylight Authentication, Authorization and Accounting (AAA) peer impersonation vulnerability

An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...

5.3CVSS7.4AI score0.00556EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/09/16 2:37 p.m.26 views

OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) allows follower controller to set up flow entries

In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...

9.1CVSS6.8AI score0.00443EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2024/09/16 2:37 p.m.24 views

OpenDaylight Authentication, Authorization and Accounting (AAA) peer impersonation vulnerability

An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...

9.1CVSS6.7AI score0.00556EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/09/15 11:15 p.m.3 views

CVE-2024-46942

In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...

6.5CVSS5.8AI score0.00443EPSS
Exploits0References3
OSV
OSV
added 2024/09/15 11:15 p.m.4 views

CVE-2024-46943

An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...

7.5CVSS5.8AI score0.00556EPSS
Exploits0References3
NVD
NVD
added 2024/09/15 11:15 p.m.35 views

CVE-2024-46942

In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...

9.1CVSS0.00443EPSS
Exploits0References3
NVD
NVD
added 2024/09/15 11:15 p.m.29 views

CVE-2024-46943

An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...

9.1CVSS0.00556EPSS
Exploits0References3
CVE
CVE
added 2024/09/15 12:0 a.m.68 views

CVE-2024-46942

CVE-2024-46942 affects OpenDaylight MD-SAL up to version 13.0.1, where a controller with a follower role can configure flow entries in a clustering deployment. This is documented across multiple sources (Red Hat advisory, Veracode entry, GHSA, OSV, CVE lists). The underlying issue is improper enf...

9.1CVSS7.2AI score0.00443EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/09/15 12:0 a.m.4 views

OpenDaylight 安全漏洞

OpenDaylight ODL is an open source SDN controller open sourced by OpenDaylight. A security vulnerability exists in OpenDaylight 0.19.3 and earlier versions that stems from the fact that a malicious controller can join a cluster to impersonate an offline peer node, even if the malicious controller...

9.1CVSS6.4AI score0.00556EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/09/15 12:0 a.m.5 views

PT-2024-32291 · Opendaylight · Opendaylight Md-Sal

Name of the Vulnerable Software and Affected Versions: OpenDaylight Model-Driven Service Abstraction Layer MD-SAL versions through 13.0.1 Description: A controller with a follower role can configure flow entries in an OpenDaylight clustering deployment. Recommendations: For OpenDaylight...

9.1CVSS7.2AI score0.00443EPSS
Exploits0References14
Cvelist
Cvelist
added 2024/09/15 12:0 a.m.27 views

CVE-2024-46942

In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...

0.00443EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/15 12:0 a.m.16 views

CVE-2024-46942

In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...

6.9AI score0.00443EPSS
Exploits0References3
CVE
CVE
added 2024/09/15 12:0 a.m.73 views

CVE-2024-46943

CVE-2024-46943 affects the OpenDaylight Authentication, Authorization and Accounting (AAA) component, with vulnerable versions up to 0.19.3. A rogue controller can join a cluster and impersonate an offline peer even without complete cluster configuration information. Multiple connected sources re...

9.1CVSS7AI score0.00556EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/15 12:0 a.m.17 views

CVE-2024-46943

An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...

6.8AI score0.00556EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/09/15 12:0 a.m.21 views

OpenDaylight 安全漏洞

OpenDaylight ODL is an open source SDN controller from OpenDaylight Open Source. A security vulnerability exists in OpenDaylight Model-Driven Service Abstraction Layer MD-SAL version 13.0.1 and earlier, which stems from the fact that controllers with the follower role can configure flow entries i...

9.1CVSS6.5AI score0.00443EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/09/15 12:0 a.m.23 views

CVE-2024-46943

An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...

0.00556EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/09/15 12:0 a.m.5 views

PT-2024-32292 · Opendaylight · Opendaylight Authentication

Name of the Vulnerable Software and Affected Versions: OpenDaylight Authentication, Authorization and Accounting AAA versions through 0.19.3 Description: An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA. A rogue controller can join a cluster to impersonate ...

9.1CVSS7.2AI score0.00556EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.31 views

RHEL 8 : opendaylight (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jackson-databind: Serialization gadgets in classes of the ehcache package CVE-2019-17267 - A flaw was...

9.8CVSS8.9AI score0.17611EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.24 views

RHEL 7 : opendaylight (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - plexus-utils: Mishandled strings in Commandline class allow for command injection CVE-2017-1000487 Note that Nessus...

9.8CVSS9.9AI score0.06543EPSS
Exploits0References1
Rows per page
Query Builder