| Max CVSS | 7.8 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-1857 | 5.0 |
The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions.
|
16-06-2021 - 13:41 | 27-04-2018 - 16:29 | |
| CVE-2016-4970 | 7.8 |
handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop). CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
|
14-02-2021 - 02:56 | 13-04-2017 - 14:59 | |
| CVE-2015-1778 | 7.5 |
The custom authentication realm used by karaf-tomcat's "opendaylight" realm in Opendaylight before Helium SR3 will authenticate any username and password combination.
|
05-07-2017 - 17:43 | 27-06-2017 - 20:29 | |
| CVE-2014-8149 | 6.5 |
OpenDaylight defense4all 1.1.0 and earlier allows remote authenticated users to write report data to arbitrary files.
|
03-07-2017 - 17:25 | 27-06-2017 - 20:29 | |
| CVE-2015-1612 | 5.0 |
OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to the reuse of LLDP packets, aka "LLDP Relay."
|
11-04-2017 - 17:28 | 04-04-2017 - 17:59 | |
| CVE-2015-1611 | 5.0 |
OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection."
|
11-04-2017 - 17:27 | 04-04-2017 - 17:59 | |
| CVE-2015-1610 | 5.0 |
hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing."
|
23-03-2017 - 10:46 | 20-03-2017 - 16:59 |