Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opendaylight opendaylight - vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-1132
A flaw was found in Opendaylight's SDNInterfaceapp (SDNI). Attackers can SQL inject the component's database (SQLite) without authenticating to the controller or SDNInterfaceapp. SDNInterface has been deprecated in OpenDayLight since it was last used in the final Carbon...
Opendaylight Sdninterfaceapp
668
VMScore
CVE-2018-1078
OpenDayLight version Carbon SR3 and previous versions contain a vulnerability during node reconciliation that can result in traffic flows that should be expired or should expire shortly being re-installed and their timers reset resulting in traffic being allowed that should be ex...
Opendaylight Openflow Sp3
Opendaylight Openflow Sp1
Opendaylight Openflow
Opendaylight Openflow Sp2
668
VMScore
CVE-2015-1778
The custom authentication realm used by karaf-tomcat's "opendaylight" realm in Opendaylight before Helium SR3 will authenticate any username and password combination.
Opendaylight Opendaylight -
605
VMScore
CVE-2014-5035
The Netconf (TCP) service in OpenDaylight 1.0 allows remote malicious users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue.
Opendaylight Opendaylight 1.0
578
VMScore
CVE-2014-8149
OpenDaylight defense4all 1.1.0 and previous versions allows remote authenticated users to write report data to arbitrary files.
Opendaylight Defense4all
445
VMScore
CVE-2015-1857
The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote malicious users to obtain sensitive information by leveraging missing AAA restrictions.
Linuxfoundation Opendaylight
445
VMScore
CVE-2017-1000411
OpenFlow Plugin and OpenDayLight Controller versions Nitrogen, Carbon, Boron, Robert Varga, Anil Vishnoi contain a flaw when multiple 'expired' flows take up the memory resource of CONFIG DATASTORE which leads to CONTROLLER shutdown. If multiple different flows with ...
Opendaylight Opendaylight Boron
Opendaylight Opendaylight Carbon
Opendaylight Opendaylight Nitrogen
Opendaylight Openflow Nitrogen
Opendaylight Openflow Carbon
Opendaylight Openflow Boron
445
VMScore
CVE-2017-1000406
OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart).
Opendaylight Karaf 0.6.1-carbon
445
VMScore
CVE-2017-1000359
Java out of memory error and significant increase in resource consumption. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0.
Opendaylight Opendaylight 3.3
Opendaylight Opendaylight 4.0
445
VMScore
CVE-2017-1000360
StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0.
Opendaylight Opendaylight 3.3
Opendaylight Opendaylight 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »