Vulnerabilities > Opendaylight > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-04 | CVE-2015-1611 | Improper Input Validation vulnerability in Opendaylight Openflow OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection." | 5.0 |
| 2017-03-20 | CVE-2015-1610 | Permissions, Privileges, and Access Controls vulnerability in Opendaylight L2Switch hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing." | 5.0 |
| 2014-08-26 | CVE-2014-5035 | XML External Entity Injection vulnerability in Opendaylight 1.0 The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue. network opendaylight | 6.8 |