OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart).
References
Link | Resource |
---|---|
http://seclists.org/oss-sec/2017/q4/320 | Mailing List Third Party Advisory |
https://git.opendaylight.org/gerrit/#/q/topic:AAA-151 | Vendor Advisory |
https://jira.opendaylight.org/browse/AAA-151 | Issue Tracking Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:10
Updated: 2022-10-03T16:23:10
Reserved: 2022-10-03T00:00:00
Link: CVE-2017-1000406
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-11-30T21:29:00.203
Modified: 2017-12-20T18:52:42.920
Link: CVE-2017-1000406
JSON object: View
Redhat Information
No data.
CWE