CVE-2015-1610

MEDIUM

OpenDaylight l2switch - Info Disclosure

Title source: llm

Description

hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing."

References (3)

[Technical Description] http://www.internetsociety.org/sites/default/files/10_4_2.pdf

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/73251

[Vendor Advisory] https://wiki.opendaylight.org/view/Security_Advisories#.5BModerate.5D_CVE-2015-1610_l2switch:_topology_spoofing_via_hosttracker

Scores

CVSS v3 5.3

EPSS 0.0026

EPSS Percentile 48.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Classification

CWE

CWE-264

Status published

Affected Products (2)

opendaylight/l2switch

n/a/n/a

Timeline

Published Mar 20, 2017

Tracked Since Feb 18, 2026