Erodedelk

#8788of 53,630
31.2Total CVSS
Vulnerabilities · 4
High
4
PT-2024-25936
8.7
2024-05-04
Unknown · Faucet Sdn Ryu · CVE-2024-34486
**Name of the Vulnerable Software and Affected Versions** Faucet SDN Ryu version 4.34 **Description** The issue allows attackers to cause a denial of service (infinite loop) via `OFPQueueProp.len=0`. This occurs in the `OFPPacketQueue` in parser.py. **Recommendations** For version 4.34, consider disabling the `OFPPacketQueue` function until a patch is available to prevent the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-25938
7.5
2024-05-04
Unknown · Faucet Sdn Ryu · CVE-2024-34488
**Name of the Vulnerable Software and Affected Versions** Faucet SDN Ryu version 4.34 **Description** The issue allows attackers to cause a denial of service (infinite loop) via `b.length=0` in `OFPMultipartReply` in parser.py. **Recommendations** For version 4.34, consider disabling the `OFPMultipartReply` function in parser.py to prevent the denial of service until a patch is available. Restrict access to the parser.py module to minimize the risk of exploitation. Avoid using the `b.length=0` parameter in the affected API endpoint until the issue is resolved.
PT-2024-25939
7.5
2024-05-04
Unknown · Faucet Sdn Ryu · CVE-2024-34489
**Name of the Vulnerable Software and Affected Versions** Faucet SDN Ryu version 4.34 **Description** The issue allows attackers to cause a denial of service, resulting in an infinite loop, via a specific condition where `length=0`. This is related to the `OFPHello` function in the `parser.py` file. **Recommendations** For Faucet SDN Ryu version 4.34, consider disabling the `OFPHello` function in `parser.py` to prevent the denial of service until a patch is available. Restrict access to the `parser.py` module to minimize the risk of exploitation. Avoid using the `length=0` condition in the affected API endpoint until the issue is resolved.
PT-2024-22546
7.5
2024-04-08
Unknown · Faucet Sdn Ryu · CVE-2024-28732
**Name of the Vulnerable Software and Affected Versions** Faucet SDN Ryu version 4.34 **Description** An issue was discovered in OFPMatch in parser.py, allowing remote attackers to cause a denial of service (DoS) through an infinite loop. **Recommendations** For Faucet SDN Ryu version 4.34, consider disabling the OFPMatch functionality in parser.py as a temporary workaround until a patch is available.