Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from Vendor (mitre) · only source for this CVE.
CVSS VectorVendor: mitre
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
Floodlight SDN OpenFlow Controller v.1.2 has an issue that allows local hosts to construct false broadcast ports causing inter-host communication anomalies.
AnalysisAI
Floodlight SDN OpenFlow Controller v.1.2 has an issue that allows local hosts to construct false broadcast ports causing inter-host communication anomalies. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
Floodlight SDN OpenFlow Controller v.1.2 has an issue that allows local hosts to construct false broadcast ports causing inter-host communication anomalies. Affected products include: Projectfloodlight Floodlight.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Floodlight
View allFloodlight version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in the web console that can resul
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module, Topolo
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module and Lin
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today