Vulnerability in Projectfloodlight Open_sdn_controller

CVE-2024-51406

Floodlight SDN OpenFlow Controller v.1.2 has an issue that lets local hosts craft fake LLDP packets that cause Floodlight to miss specific clusters, which in turn leads to hosts inside and outside the cluster being missed.

EPSS: 0.002 (13.7th percentile).

CVSS v3 metric

CVSS v3 base score 6.2 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2024-51406?
CVE-2024-51406 is a medium-severity vulnerability in Projectfloodlight Open_sdn_controller, classified under Authentication Bypass by Spoofing. CVSS score: 6.2/10. Published 2024-11-01.

How severe is CVE-2024-51406?
Medium severity. The CVSS v3 base score is 6.2 out of 10.