Vulnerabilities > Projectfloodlight

DATE CVE VULNERABILITY TITLE RISK
2019-10-23 CVE-2014-2304 Improper Input Validation vulnerability in Projectfloodlight Open SDN Controller 0.90
A vulnerability in version 0.90 of the Open Floodlight SDN controller software could result in a denial of service attack and crashing of the controller service.
network
low complexity
projectfloodlight CWE-20
7.5
2019-10-23 CVE-2013-7333 Improper Input Validation vulnerability in Projectfloodlight Open SDN Controller 0.90
A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices connected to the targeted switch.
network
low complexity
projectfloodlight CWE-20
7.5
2018-04-18 CVE-2018-1000163 Cross-site Scripting vulnerability in Projectfloodlight Floodlight 1.2
Floodlight version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in the web console that can result in javascript injections into the web page.
network
low complexity
projectfloodlight CWE-79
6.1