Vulnerabilities > Opendaylight
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-24 | CVE-2017-1000359 | Resource Exhaustion vulnerability in Opendaylight 3.3/4.0 Java out of memory error and significant increase in resource consumption. | 5.0 |
| 2017-04-24 | CVE-2017-1000358 | NULL Pointer Dereference vulnerability in Opendaylight 4.0 Controller throws an exception and does not allow user to add subsequent flow for a particular switch. | 4.0 |
| 2017-04-24 | CVE-2017-1000357 | Resource Exhaustion vulnerability in Opendaylight 3.3/4.0 Denial of Service attack when the switch rejects to receive packets from the controller. | 5.0 |
| 2017-04-04 | CVE-2015-1612 | Improper Input Validation vulnerability in Opendaylight Openflow OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to the reuse of LLDP packets, aka "LLDP Relay." | 5.0 |
| 2017-04-04 | CVE-2015-1611 | Improper Input Validation vulnerability in Opendaylight Openflow OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection." | 5.0 |
| 2017-03-20 | CVE-2015-1610 | Permissions, Privileges, and Access Controls vulnerability in Opendaylight L2Switch hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing." | 5.0 |
| 2014-08-26 | CVE-2014-5035 | XML External Entity Injection vulnerability in Opendaylight 1.0 The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue. network opendaylight | 6.8 |