5 matches found
CVE-2025-29314
Insecure Shiro cookie configurations in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allow attackers to access sensitive information via a man-in-the-middle attack...
CVE-2025-29314
Insecure Shiro cookie configurations in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allow attackers to access sensitive information via a man-in-the-middle attack...
CVE-2025-29314
Insecure Shiro cookie configurations in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allow attackers to access sensitive information via a man-in-the-middle attack...
CVE-2025-29314
CVE-2025-29314 affects OpenDaylight Service Function Chaining (SFC) Sodium-SR4 and earlier. The root cause is insecure Shiro cookie configurations (e.g., _secureCookies=False, _httpOnly=False) that enable a man-in-the-middle to access sensitive data. CVSSv3.1: 8.1 (HIGH) with network attack vecto...
CVE-2025-29314
Insecure Shiro cookie configurations in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allow attackers to access sensitive information via a man-in-the-middle attack...