CVE-2018-1078
NONE EPSS 65.8%
Published Mar 16, 20188y ago · Modified Jun 17, 20262w ago
Published Mar 16, 2018 8y ago
Last Modified Jun 17, 2026 2w ago
Description
OpenDayLight version Carbon SR3 and earlier contain a vulnerability during node reconciliation that can result in traffic flows that should be expired or should expire shortly being re-installed and their timers reset resulting in traffic being allowed that should be expired.
Threat Intelligence
EPSS Exploit Probability
65.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-20 Improper Input Validation Validation
Affected Products 4
| Vendor | Product | Version | Range |
|---|---|---|---|
| opendaylight | openflow | * | ≤carbon |
| opendaylight | openflow | sp1 | any |
| opendaylight | openflow | sp2 | any |
| opendaylight | openflow | sp3 | any |
References 2
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1533501
- jira.opendaylight.org https://jira.opendaylight.org/browse/OPNFLWPLUG-971
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.