CVE-2013-7333 - OpenCVE

A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices connected to the targeted switch.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Projectfloodlight	Open Sdn Controller

Configuration 1 [-]

cpe:2.3:a:projectfloodlight:open_sdn_controller:0.90:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://dovernetworks.com/wp-content/uploads/2013/12/OpenFloodlight-12302013.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-10-23T16:46:21

Updated: 2024-08-06T18:01:20.593Z

Reserved: 2014-03-06T00:00:00

Link: CVE-2013-7333

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-10-23T17:15:10.613

Modified: 2019-10-25T17:29:06.787

Link: CVE-2013-7333

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices connected to the targeted switch."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-10-23T16:46:21", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://dovernetworks.com/wp-content/uploads/2013/12/OpenFloodlight-12302013.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-7333", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices connected to the targeted switch."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://dovernetworks.com/wp-content/uploads/2013/12/OpenFloodlight-12302013.pdf", "refsource": "MISC", "url": "http://dovernetworks.com/wp-content/uploads/2013/12/OpenFloodlight-12302013.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T18:01:20.593Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://dovernetworks.com/wp-content/uploads/2013/12/OpenFloodlight-12302013.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-7333", "datePublished": "2019-10-23T16:46:21", "dateReserved": "2014-03-06T00:00:00", "dateUpdated": "2024-08-06T18:01:20.593Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:projectfloodlight:open_sdn_controller:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "D272E939-9490-4C5B-87CB-8AE4FE9D122B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices connected to the targeted switch."}, {"lang": "es", "value": "Una vulnerabilidad en la versi\u00f3n 0.90 del software del controlador SDN de Open Floodlight, podr\u00eda permitir que un atacante con acceso a la red de control de OpenFlow desconecte selectivamente los switches individuales desde el controlador SDN, causando degradaci\u00f3n y eventualmente la denegaci\u00f3n del acceso de red a todos los dispositivos conectados al switch objetivo."}], "id": "CVE-2013-7333", "lastModified": "2019-10-25T17:29:06.787", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-23T17:15:10.613", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "http://dovernetworks.com/wp-content/uploads/2013/12/OpenFloodlight-12302013.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}