Lucene search
K
OpendaylightOpenflow

4 matches found

CVE
CVE
added 2018/01/31 2:0 p.m.62 views

CVE-2017-1000411

CVE-2017-1000411 affects OpenFlow Plugin and OpenDaylight Controller (Nitrogen, Carbon, Boron) with a flaw where multiple expired flows consume memory in CONFIG DATASTORE, causing the controller to shutdown once JVM/resource limits are reached. The issue arises when idle-timeout and hard-timeout ...

7.5CVSS7.5AI score0.01602EPSS
CVE
CVE
added 2018/03/16 8:0 p.m.60 views

CVE-2018-1078

CVE-2018-1078 affects OpenDayLight Carbon SR3 and earlier. During node reconciliation, all flows (active and inactive) may be reinstalled in the switch upon reconnection, causing timers for those flows to be reset. This can result in traffic flows that should be expired (or expiring soon) being r...

9.8CVSS9.3AI score0.01251EPSS
CVE
CVE
added 2017/04/04 5:0 p.m.54 views

CVE-2015-1611

The OpenFlow plugin for OpenDaylight (before Helium SR3) is affected by LLDP spoofing via fake LLDP injections, enabling remote attackers to spoof the SDN topology and disrupt data flow. Affected component: openflowplugin in OpenDaylight; root cause: reuse/fake LLDP packets. Impact: topology spoo...

7.5CVSS7.5AI score0.02073EPSS
CVE
CVE
added 2017/04/04 5:0 p.m.46 views

CVE-2015-1612

The CVE-2015-1612 issue affects the OpenFlow plugin for OpenDaylight (before Helium SR3). It enables LLDP-related spoofing of the SDN topology that can affect data flow. Affected component: openflowplugin in OpenDaylight; root cause: reuse of LLDP packets leading to topology spoofing (LLDP Relay)...

7.5CVSS7.5AI score0.02073EPSS