An issue was discovered in OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.opendaylight.aaa:aaa-artifacts(Maven) | 0 | N/A | N/A |
CVSS Metrics
