CVE-2018-1078

NONE EPSS 65.8%
Published Mar 16, 20188y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 16, 2018 8y ago
Last Modified Jun 17, 2026 2w ago

Description

OpenDayLight version Carbon SR3 and earlier contain a vulnerability during node reconciliation that can result in traffic flows that should be expired or should expire shortly being re-installed and their timers reset resulting in traffic being allowed that should be expired.

Threat Intelligence

EPSS Exploit Probability
65.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 4

VendorProductVersionRange
opendaylightopenflow* ≤carbon
opendaylightopenflowsp1any
opendaylightopenflowsp2any
opendaylightopenflowsp3any

References 2

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.