Vulnerability Details CVE-2018-1078
OpenDayLight version Carbon SR3 and earlier contain a vulnerability during node reconciliation that can result in traffic flows that should be expired or should expire shortly being re-installed and their timers reset resulting in traffic being allowed that should be expired.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2018-1078
-
cpe:2.3:a:opendaylight:openflow:*
-
cpe:2.3:a:opendaylight:openflow:sp1
-
cpe:2.3:a:opendaylight:openflow:sp2
-
cpe:2.3:a:opendaylight:openflow:sp3