High severity7.5NVD Advisory· Published Apr 4, 2017· Updated May 13, 2026

CVE-2015-1612

Description

OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to the reuse of LLDP packets, aka "LLDP Relay."

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
org.opendaylight.openflowplugin:openflowpluginMaven	< 0.0.6-Helium-SR3	0.0.6-Helium-SR3

Affected products

Opendaylight/Openflow
cpe:2.3:a:opendaylight:openflow:-:*:*:*:*:opendaylight:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

wiki.opendaylight.org/view/Security_AdvisoriesnvdPatchThird Party Advisory
www.securityfocus.com/bid/73254nvdThird Party AdvisoryVDB Entry
cloudrouter.org/security/nvdThird Party Advisory
github.com/advisories/GHSA-f2x4-547g-rp95ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2015-1612ghsaADVISORY
www.internetsociety.org/sites/default/files/10_4_2.pdfnvdTechnical Description
web.archive.org/web/20150510044305/https://wiki.opendaylight.org/view/Security_AdvisoriesghsaWEB
web.archive.org/web/20150701104709/https://www.internetsociety.org/sites/default/files/10_4_2.pdfghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000