PT-2018-9471 · Atlassian · Floodlight Controller
Publicado
2018-07-09
·
Atualizado
2018-09-08
·
CVE-2018-1000617
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Atlassian Floodlight Controller versions 1.2 and earlier
Description
The issue is related to a Denial of Service vulnerability in the Forwarding module, which can result in an improper type cast. This allows remote attackers to cause a Denial of Service, resulting in a thread crash. The attack is exploitable via network connectivity, indicating it can be launched remotely.
Recommendations
For Atlassian Floodlight Controller versions 1.2 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Floodlight Controller