5 matches found
GHSA-QM24-4869-99PJ Opendaylight will authenticate any username and password combination
The custom authentication realm used by karaf-tomcat's "opendaylight" realm in Opendaylight before Helium SR3 will authenticate any username and password combination...
CVE-2015-1778
The custom authentication realm used by karaf-tomcat's "opendaylight" realm in Opendaylight before Helium SR3 will authenticate any username and password combination...
Buffer overflow
OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to the reuse of LLDP packets, aka "LLDP Relay."...
CVE-2015-1611
OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection."...
CVE-2015-1611
The OpenFlow plugin for OpenDaylight (before Helium SR3) is affected by LLDP spoofing via fake LLDP injections, enabling remote attackers to spoof the SDN topology and disrupt data flow. Affected component: openflowplugin in OpenDaylight; root cause: reuse/fake LLDP packets. Impact: topology spoo...