CVE-2015-1611

NONE EPSS 79.2%
Published Apr 4, 20179y ago · Modified Jun 17, 20262w ago
Find Similar
Published Apr 4, 2017 9y ago
Last Modified Jun 17, 2026 2w ago

Description

OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection."

Threat Intelligence

EPSS Exploit Probability
79.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 1

VendorProductVersionRange
opendaylightopenflow*any

References 6

  • internetsociety.org http://www.internetsociety.org/sites/default/files/10_4_2.pdf
    Technical Description
  • securityfocus.com http://www.securityfocus.com/bid/73254
    Third Party AdvisoryVDB Entry
  • cloudrouter.org https://cloudrouter.org/security/
    Third Party Advisory
  • git.opendaylight.org https://git.opendaylight.org/gerrit/#/c/16193/
    Issue TrackingPatchThird Party Advisory
  • git.opendaylight.org https://git.opendaylight.org/gerrit/#/c/16208/
    Issue TrackingPatchThird Party Advisory
  • wiki.opendaylight.org https://wiki.opendaylight.org/view/Security_Advisories#.5BModerate.5D_CVE-2015-1611_CVE-2015-1612_openflowplugin:_topology_spoofing_via_LLDP
    PatchThird Party Advisory

Remediation

  • git.opendaylight.org https://git.opendaylight.org/gerrit/#/c/16193/
    Issue TrackingPatchThird Party Advisory
  • git.opendaylight.org https://git.opendaylight.org/gerrit/#/c/16208/
    Issue TrackingPatchThird Party Advisory
  • wiki.opendaylight.org https://wiki.opendaylight.org/view/Security_Advisories#.5BModerate.5D_CVE-2015-1611_CVE-2015-1612_openflowplugin:_topology_spoofing_via_LLDP
    PatchThird Party Advisory