Описание
OpenDaylight Authentication, Authorization and Accounting (AAA) peer impersonation vulnerability
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information.
Пакеты
org.opendaylight.aaa:aaa-artifacts
<= 0.19.3
Отсутствует
EPSS
5.3 Medium
CVSS4
4.3 Medium
CVSS3
CVE ID
Дефекты
Связанные уязвимости
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information.
EPSS
5.3 Medium
CVSS4
4.3 Medium
CVSS3