PT-2018-10105 · Opendaylight · Opendaylight

Pedro Sampaio

Publicado

2018-03-16

Atualizado

2019-10-09

CVE-2018-1078

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OpenDayLight versions Carbon SR3 and earlier

Description The issue occurs during node reconciliation, causing traffic flows that should be expired or should expire shortly to be re-installed, with their timers reset. This results in traffic being allowed that should be expired.

Recommendations For OpenDayLight versions Carbon SR3 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2018-1078

Produtos afetados

Opendaylight

PT-2018-10105 · Opendaylight · Opendaylight

CVE-2018-1078

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4