Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in OpenFlow handshake: The DPID (DataPath IDentifier) in the features_reply message are inherently trusted by the controller. that can result in Denial of Service, Unauthorized Access, Network Instability. This attack appear to be exploitable via Network connectivity: the attacker must first establish a transport connection with the OpenFlow controller and then initiate the OpenFlow handshake.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenFlow 安全漏洞
Vulnerability Description
OpenFlow是一种属于网络链路层的网络通信协议,它能够控制网络交换机或路由器的转发平面。 OpenFlow中的OpenFlow握手存在安全漏洞,该漏洞源于控制器认定features_reply消息中的DPID为可信。攻击者可通过与OpenFlow控制器建立传输连接,然后进行OpenFlow握手利用该漏洞造成拒绝服务,获取未授权的访问权限并造成网络不稳定。
CVSS Information
N/A
Vulnerability Type
N/A