// For flags

CVE-2017-1000357

 

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Denial of Service attack when the switch rejects to receive packets from the controller. Component: This vulnerability affects OpenDaylight odl-l2switch-switch, which is the feature responsible for the OpenFlow communication. Version: OpenDaylight versions 3.3 (Lithium-SR3), 3.4 (Lithium-SR4), 4.0 (Beryllium), 4.1 (Beryllium-SR1), 4.2 (Beryllium-SR2), and 4.4 (Beryllium-SR4) are affected by this flaw. Java version is openjdk version 1.8.0_91.

Un ataque de Denegación de Servicio cuando el switch rechaza recibir paquetes desde el controlador. Componente: esta vulnerabilidad afecta a odl-l2switch-switch de OpenDaylight, que es la funcionalidad responsable de la comunicación OpenFlow. Versión: OpenDaylight versiones 3.3 (Lithium-SR3), 3.4 (Lithium-SR4), 4.0 (Beryllium), 4.1 (Beryllium-SR1), 4.2 (Beryllium-SR2), y 4.4 (Beryllium-SR4) están afectadas por este fallo. La versión de Java es openjdk versión 1.8.0_91.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-04-24 CVE Reserved
  • 2017-04-24 CVE Published
  • 2024-08-05 CVE Updated
  • 2024-08-05 First Exploit
  • 2024-08-13 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-400: Uncontrolled Resource Consumption
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Opendaylight
Search vendor "Opendaylight"
Opendaylight
Search vendor "Opendaylight" for product "Opendaylight"
3.3
Search vendor "Opendaylight" for product "Opendaylight" and version "3.3"
-
Affected
Opendaylight
Search vendor "Opendaylight"
Opendaylight
Search vendor "Opendaylight" for product "Opendaylight"
4.0
Search vendor "Opendaylight" for product "Opendaylight" and version "4.0"
-
Affected