CVE-2015-1611 – org.opendaylight.openflowplugin:openflowplugin

Package

Manager: maven
Name: org.opendaylight.openflowplugin:openflowplugin
Vulnerable Version: >=0 <0.0.6-helium-sr3

Severity

Level: High

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00971 pctl0.75753

Details

OpenFlow plugin for OpenDaylight allows spoofing the SDN topology OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection."

Metadata

Created: 2022-05-17T02:50:39Z
Modified: 2025-04-22T17:32:27Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-49wf-927p-jpvj/GHSA-49wf-927p-jpvj.json
CWE IDs: ["CWE-20"]
Alternative ID: GHSA-49wf-927p-jpvj
Finding: F184
Auto approve: 1