Vulnerability Details CVE-2015-6569
Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and thread crash) via a state manipulation attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.6%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/103132
- https://floodlight.atlassian.net/wiki/spaces/floodlightcontroller/pages/24805419/Floodlight+v1.2
- https://github.com/floodlight/floodlight/pull/563
- http://www.securityfocus.com/bid/103132
- https://floodlight.atlassian.net/wiki/spaces/floodlightcontroller/pages/24805419/Floodlight+v1.2
- https://github.com/floodlight/floodlight/pull/563
Products affected by CVE-2015-6569
-
cpe:2.3:a:atlassian:floodlight:0.85
-
cpe:2.3:a:atlassian:floodlight:0.90
-
cpe:2.3:a:atlassian:floodlight:0.91
-
cpe:2.3:a:atlassian:floodlight:1.0
-
cpe:2.3:a:atlassian:floodlight:1.1