CVE-2018-1000617

Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and earlier versions contains a Denial of Service vulnerability in Forwarding module that can result in Improper type cast in Forwarding module allows remote attackers to cause a DoS(thread crash).. This attack appear to be exploitable via network connectivity (Remote attack).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
atlassianfloodlight_controller
𝑥
≤ 1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://gms.cl0udz.com/Floodlight_DoS.pdf
http://www.securityfocus.com/bid/104711
http://gms.cl0udz.com/Floodlight_DoS.pdf
http://www.securityfocus.com/bid/104711