CVE-2015-1611
HIGH7.5EPSS 0.63%OpenFlow plugin for OpenDaylight allows spoofing the SDN topology
Published: 5/17/2022Modified: 4/22/2025
Description
OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection."
Affected packages (1)
- Maven/org.opendaylight.openflowplugin:openflowpluginfrom 0, < 0.0.6-Helium-SR3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
References (6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2015-1611
- PATCHhttps://github.com/opendaylight/openflowplugin
- WEBhttps://git.opendaylight.org/gerrit/#/c/16193
- WEBhttps://git.opendaylight.org/gerrit/#/c/16208
- WEBhttps://web.archive.org/web/20150510044305/https://wiki.opendaylight.org/view/Security_Advisories#.5BModerate.5D_CVE-2015-1611_CVE-2015-1612_openflowplugin:_topology_spoofing_via_LLDP
- WEBhttps://web.archive.org/web/20150701104709/https://www.internetsociety.org/sites/default/files/10_4_2.pdf