CVE-2015-1778

CVE-2015-1778

EPSS 2.7%

The custom authentication realm used by karaf-tomcat's "opendaylight" realm in Opendaylight before Helium SR3 will authenticate any username and password combination.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cloudrouter.org/security/https://wiki.opendaylight.org/view/Security_Advisories http://www.openwall.com/lists/oss-security/2015/03/20/3 http://www.securityfocus.com/bid/73255