Vulnerability CVE-2015-1610


Published: 2017-03-20   Modified: 2017-03-23

Description:
hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing."

Vendor: Opendaylight
Product: L2switch 

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None

 References:
http://www.internetsociety.org/sites/default/files/10_4_2.pdf
http://www.securityfocus.com/bid/73251
https://wiki.opendaylight.org/view/Security_Advisories#.5BModerate.5D_CVE-2015-1610_l2switch:_topology_spoofing_via_hosttracker

Copyright 2017, cxsecurity.com