CVE-2015-1611
OpenFlow plugin for OpenDaylight allows spoofing the SDN topology
7.5
HIGH
CVSS 3.1
EPSS 0.63%
Description
OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection."
How to fix CVE-2015-1611
To remediate CVE-2015-1611, upgrade the affected package to a fixed version below.
- Maven/org.opendaylight.openflowplugin:openflowplugin—upgrade to 0.0.6-Helium-SR3 or later
Is CVE-2015-1611 being exploited?
Low — EPSS is 0.6%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.0.6-Helium-SR3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |