CVE-2015-1612: OpenFlow plugin for OpenDaylight LLDP Relay

May 17, 2022 (updated April 22, 2025)

OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to the reuse of LLDP packets, aka “LLDP Relay.”

References

git.opendaylight.org/gerrit/
git.opendaylight.org/gerrit/
github.com/advisories/GHSA-f2x4-547g-rp95
github.com/opendaylight/openflowplugin
nvd.nist.gov/vuln/detail/CVE-2015-1612
web.archive.org/web/20150510044305/https://wiki.opendaylight.org/view/Security_Advisories
web.archive.org/web/20150701104709/https://www.internetsociety.org/sites/default/files/10_4_2.pdf

Code Behaviors & Features

Detect and mitigate CVE-2015-1612 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →