CVE-2015-1612 – org.opendaylight.openflowplugin:openflowplugin

Package

Manager: maven
Name: org.opendaylight.openflowplugin:openflowplugin
Vulnerable Version: >=0 <0.0.6-helium-sr3

Severity

Level: High

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00971 pctl0.75753

Details

OpenFlow plugin for OpenDaylight LLDP Relay OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to the reuse of LLDP packets, aka "LLDP Relay."

Metadata

Created: 2022-05-17T02:50:39Z
Modified: 2025-04-22T17:32:35Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-f2x4-547g-rp95/GHSA-f2x4-547g-rp95.json
CWE IDs: ["CWE-20"]
Alternative ID: GHSA-f2x4-547g-rp95
Finding: F184
Auto approve: 1