Vulnerabilities > CVE-2017-1000358 - NULL Pointer Dereference vulnerability in Opendaylight 4.0

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

opendaylight

CWE-476

NVD

Published: 2017-04-24

Updated: 2019-10-03

Summary

Controller throws an exception and does not allow user to add subsequent flow for a particular switch. Component: OpenDaylight odl-restconf feature contains this flaw. Version: OpenDaylight 4.0 is affected by this flaw.

Vulnerable Configurations

Part	Description	Count
Application	Opendaylight Opendaylight Opendaylight 4.0	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://aaltodoc.aalto.fi/bitstream/handle/123456789/21584/master_Bidaj_Andi_2016.pdf