Lucene search

[email protected]CVE-2017-1000358

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2017-1000358

2022-10-0316:23:09

CWE-476

[email protected]

web.nvd.nist.gov

cve-2017-1000358

nvd

opendaylight

odl-restconf

security flaw

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

32.1%

JSON

Controller throws an exception and does not allow user to add subsequent flow for a particular switch. Component: OpenDaylight odl-restconf feature contains this flaw. Version: OpenDaylight 4.0 is affected by this flaw.

Affected configurations

NVD

Node

opendaylightopendaylightMatch4.0

CPENameOperatorVersion
opendaylight:opendaylightopendaylighteq4.0

CPE	Name	Operator	Version
opendaylight:opendaylight	opendaylight	eq	4.0

References

aaltodoc.aalto.fi/bitstream/handle/123456789/21584/master_Bidaj_Andi_2016.pdf

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

32.1%

JSON

Related for CVE-2017-1000358

nvd1 prion1 cvelist1 redhatcve1