Authentication bypass in Open Networking Foundation OpenFlow
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-1000155 |
| CWE-ID | CWE-285 CWE-287 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
OpenFlow Web applications / Remote management & hosting panels |
| Vendor | Open Networking Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Authentication bypass
EUVDB-ID: #VU13022
Risk: Low
CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-1000155
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to bypass authentication on the target system.
The weakness exists due to improper authentication and authorization between an affected OpenFlow controller and a switch communicating with the controller during an OpenFlow handshake. An adjacent attacker who has access to a switch and is able to establish a secure connection with a targeted OpenFlow controller can spoof DataPath Identifiers (DPIDs), send features_reply messages from the switch that the targeted controller would inherently trust and cause the service to crash or bypass security restrictions.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
OpenFlow: 1.0.0 - 1.5.1
CPE2.3- cpe:2.3:a:open_networking_foundation:openflow:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:open_networking_foundation:openflow:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:open_networking_foundation:openflow:1.0.2:*:*:*:*:*:*:*
https://wiki.onosproject.org/pages/viewpage.action?pageId=12422167
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
