Vulnerability Details CVE-2015-1611
OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.internetsociety.org/sites/default/files/10_4_2.pdf
- http://www.securityfocus.com/bid/73254
- https://cloudrouter.org/security/
- https://git.opendaylight.org/gerrit/#/c/16193/
- https://git.opendaylight.org/gerrit/#/c/16208/
- https://wiki.opendaylight.org/view/Security_Advisories#.5BModerate.5D_CVE-2015-1611_CVE-2015-1612_openflowplugin:_topology_spoofing_via_LLDP
- http://www.internetsociety.org/sites/default/files/10_4_2.pdf
- http://www.securityfocus.com/bid/73254
- https://cloudrouter.org/security/
- https://git.opendaylight.org/gerrit/#/c/16193/
- https://git.opendaylight.org/gerrit/#/c/16208/
- https://wiki.opendaylight.org/view/Security_Advisories#.5BModerate.5D_CVE-2015-1611_CVE-2015-1612_openflowplugin:_topology_spoofing_via_LLDP
Products affected by CVE-2015-1611
-
cpe:2.3:a:opendaylight:openflow:-