CVE-2015-6569

5.9MEDIUM

Key Information:

Vendor: Atlassian
Status: Floodlight
Vendor: CVE Published:; 21 February 2018

Summary

Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and thread crash) via a state manipulation attack.

References

https://floodlight.atlassian.net/wiki/spaces/floodlightco...

x_refsource_CONFIRM

https://github.com/floodlight/floodlight/pull/563

x_refsource_CONFIRM

http://www.securityfocus.com/bid/103132

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 21, 2018
Vulnerability Reserved
Aug 21, 2015