Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opendaylight opendaylight - vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-1000360
StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0.
Opendaylight Opendaylight 3.3
Opendaylight Opendaylight 4.0
5
CVSSv2
CVE-2017-1000361
DOMRpcImplementationNotAvailableException when sending Port-Status packets to OpenDaylight. Controller launches exceptions and consumes more CPU resources. Component: OpenDaylight is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0.
Opendaylight Opendaylight 4.0
Opendaylight Opendaylight 3.3
5
CVSSv2
CVE-2015-1611
OpenFlow plugin for OpenDaylight before Helium SR3 allows remote malicious users to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection."
Opendaylight Openflow -
5
CVSSv2
CVE-2015-1612
OpenFlow plugin for OpenDaylight before Helium SR3 allows remote malicious users to spoof the SDN topology and affect the flow of data, related to the reuse of LLDP packets, aka "LLDP Relay."
Opendaylight Openflow -
5
CVSSv2
CVE-2015-1610
hosttracker in OpenDaylight l2switch allows remote malicious users to change the host location information by spoofing the MAC address, aka "topology spoofing."
Opendaylight L2switch -
4
CVSSv2
CVE-2017-1000358
Controller throws an exception and does not allow user to add subsequent flow for a particular switch. Component: OpenDaylight odl-restconf feature contains this flaw. Version: OpenDaylight 4.0 is affected by this flaw.
Opendaylight Opendaylight 4.0
NA
CVE-2024-37018
The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an application can manipulate the path that is taken by discovery packets.
NA
CVE-2022-45930
A SQL injection issue exists in AAA in OpenDaylight (ODL) prior to 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface.
Linuxfoundation Opendaylight 0.16.0
Linuxfoundation Opendaylight 0.16.4
Linuxfoundation Opendaylight 0.15.6
Linuxfoundation Opendaylight 0.15.0
NA
CVE-2022-45931
A SQL injection issue exists in AAA in OpenDaylight (ODL) prior to 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java deleteUser function is affected when the API interface /auth/v1/users/ is used.
Linuxfoundation Opendaylight 0.16.0
Linuxfoundation Opendaylight 0.16.4
Linuxfoundation Opendaylight 0.15.6
Linuxfoundation Opendaylight 0.15.0
NA
CVE-2022-45932
A SQL injection issue exists in AAA in OpenDaylight (ODL) prior to 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/RoleStore.java deleteRole function is affected when the API interface /auth/v1/roles/ is used.
Linuxfoundation Opendaylight 0.16.0
Linuxfoundation Opendaylight 0.16.4
Linuxfoundation Opendaylight 0.15.6
Linuxfoundation Opendaylight 0.15.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2