Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Opendaylight Subscribe
Filtered by product Sdninterfaceapp
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1132 1 Opendaylight 1 Sdninterfaceapp 2019-10-09 7.5 HIGH 9.8 CRITICAL
A flaw was found in Opendaylight's SDNInterfaceapp (SDNI). Attackers can SQL inject the component's database (SQLite) without authenticating to the controller or SDNInterfaceapp. SDNInterface has been deprecated in OpenDayLight since it was last used in the final Carbon series release. In addition to the component not being included in OpenDayLight in newer releases, the SDNInterface component is not packaged in the opendaylight package included in RHEL.