CVE-2017-1000361: OpenDaylight Controller DoS

May 13, 2022 (updated July 26, 2023)

DOMRpcImplementationNotAvailableException when sending Port-Status packets to OpenDaylight. Controller launches exceptions and consumes more CPU resources. Component: OpenDaylight is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0.

References

aaltodoc.aalto.fi/bitstream/handle/123456789/21584/master_Bidaj_Andi_2016.pdf
github.com/advisories/GHSA-8p5x-w9cv-92hv
nvd.nist.gov/vuln/detail/CVE-2017-1000361

Detect and mitigate CVE-2017-1000361 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →