CVE-2015-1778
NONE EPSS 84.4%
Published Jun 27, 20179y ago · Modified Jun 17, 20262w ago
Published Jun 27, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
The custom authentication realm used by karaf-tomcat's "opendaylight" realm in Opendaylight before Helium SR3 will authenticate any username and password combination.
Threat Intelligence
EPSS Exploit Probability
84.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-287 Improper Authentication Authentication
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| opendaylight | opendaylight | * | any |
References 4
- openwall.com http://www.openwall.com/lists/oss-security/2015/03/20/3
- securityfocus.com http://www.securityfocus.com/bid/73255
- cloudrouter.org https://cloudrouter.org/security/
- wiki.opendaylight.org https://wiki.opendaylight.org/view/Security_Advisories
Remediation
- wiki.opendaylight.org https://wiki.opendaylight.org/view/Security_Advisories