Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in Opendaylight's SDNInterfaceapp (SDNI). Attackers can SQL inject the component's database (SQLite) without authenticating to the controller or SDNInterfaceapp. SDNInterface has been deprecated in OpenDayLight since it was last used in the final Carbon series release. In addition to the component not being included in OpenDayLight in newer releases, the SDNInterface component is not packaged in the opendaylight package included in RHEL.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
OpenDaylight SDNInterfaceapp SQL注入漏洞
Vulnerability Description
OpenDaylight是美国Linux基金会的一个项目,是一套以社区为主导的开源软件定义网络框架,它包含一套模块合集,能够执行需要快速完成的网络任务。 OpenDaylightzh中的SDNInterfaceapp (SDNI)存在SQL注入漏洞。远程攻击者可利用该漏洞控制应用程序,访问或修改数据并利用底层数据库中的潜在的漏洞。
CVSS Information
N/A
Vulnerability Type
N/A