CVE-2015-1857
MEDIUMOpenDaylight < 0.2.4 - Exposure of Sensitive Information via Missing AAA Restrictions
Title source: llmDescription
The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions.
References (3)
Core 3
Core References
Patch, Vendor Advisory x_refsource_confirm
https://git.opendaylight.org/gerrit/#/c/17709/
Patch, Vendor Advisory x_refsource_confirm
https://wiki.opendaylight.org/view/Security_Advisories
Broken Link x_refsource_confirm
https://cloudrouter.org/security/
Scores
CVSS v3
5.3
EPSS
0.0035
EPSS Percentile
57.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
linuxfoundation/opendaylight
< 0.2.4
Published
Apr 27, 2018
Tracked Since
Feb 18, 2026