Vulnerability identifier: #VU13022

Vulnerability risk: Low

CVSSv3.1: 8.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2018-1000155

CWE-ID: CWE-285

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
OpenFlow
Web applications / Remote management & hosting panels

Vendor: Open Networking Foundation

Description
The vulnerability allows an adjacent attacker to bypass authentication on the target system.

The weakness exists due to improper authentication and authorization between an affected OpenFlow controller and a switch communicating with the controller during an OpenFlow handshake. An adjacent attacker who has access to a switch and is able to establish a secure connection with a targeted OpenFlow controller can spoof DataPath Identifiers (DPIDs), send features_reply messages from the switch that the targeted controller would inherently trust and cause the service to crash or bypass security restrictions.

Mitigation
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.

Vulnerable software versions

OpenFlow: 1.0.0 - 1.5.1

---

External links
http://wiki.onosproject.org/pages/viewpage.action?pageId=12422167

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.