CVE-2024-51406

Sažetak

Floodlight SDN Open Flow Controller v.1.2 has an issue that allows local hosts to build fake LLDP packets that allow specific clusters to be missed by Floodlight, which in turn leads to missed hosts inside and outside the cluster.

Reference

https://github.com/floodlight/floodlight
https://github.com/floodlight/floodlight/issues/870
https://ieeexplore.ieee.org/document/10246976

CVSS

Base:	6.2
Impact:	3.6
Exploitability:	2.5

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

04-11-2024 - 19:35

Objavljeno

01-11-2024 - 14:15