232 matches found
OpenDaylight NULL Pointer Dereference
StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0...
GHSA-GJQ3-997P-HG6F OpenDaylight NULL Pointer Dereference
StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0...
OpenDaylight Controller DoS
DOMRpcImplementationNotAvailableException when sending Port-Status packets to OpenDaylight. Controller launches exceptions and consumes more CPU resources. Component: OpenDaylight is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0...
Insecure Default Configuration
tripleoheattemplates is vulnerable to insecure default configuration. The vulnerabilty exists due to the default configuration set for the OpenDayLight ODL admin users' credentials, allowing malicious users to gain unauthorized access...
Moderate: Red Hat Security Advisory: opendaylight security and bug fix update
An update for OpenDaylight is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
openstack-tripleo-heat-templates hard-coded credentials vulnerability
openstack-tripleo-heat-templates is a template for deploying the OpenStack platform. A security vulnerability exists in versions prior to openstack-tripleo-heat-templates 8.0.2-40, where Opendaylight in RHOSP13 is configured with default credentials that can be easily guessed when deploying with...
Insecure Default Configuration
tripleoheattemplates is vulnerable to insecure default configuration. The vulnerabilty exists due to the default configuration set for the OpenDayLight ODL admin users' credentials, allowing malicious users to gain unauthorized access...
PYSEC-2018-102
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials...
CVE-2018-10898
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials...
CVE-2018-10898
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials...
Default credentials
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials...
CVE-2018-10898
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials...
UBUNTU-CVE-2018-10898
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials...
PYSEC-2018-102
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials...
CVE-2018-10898
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials...
openstack-tripleo-heat-templates: Default ODL deployment uses hard coded administrative credentials
When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials...
CVE-2018-10898
When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials...
Design/Logic Flaw
A flaw was found in Opendaylight's SDNInterfaceapp SDNI. Attackers can SQL inject the component's database SQLite without authenticating to the controller or SDNInterfaceapp. SDNInterface has been deprecated in OpenDayLight since it was last used in the final Carbon series release. In addition to...
CVE-2018-1132
A flaw was found in Opendaylight's SDNInterfaceapp SDNI. Attackers can SQL inject the component's database SQLite without authenticating to the controller or SDNInterfaceapp. SDNInterface has been deprecated in OpenDayLight since it was last used in the final Carbon series release. In addition to...
CVE-2018-1132
OpenDaylight CVE-2018-1132 affects the SDNInterfaceapp (SDNI) component. The flaw allows unauthenticated attackers to SQL-inject the SDNI SQLite database via the SDNInterface code path that builds insert queries, specifically in the SDNI database handling. The vulnerability arises from portName c...