Insecure Custom Authentication Realm in Opendaylight's Karaf-Tomcat opendaylight Realm
CVE-2015-1778 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The custom authentication realm used by karaf-tomcat's "opendaylight" realm in Opendaylight before Helium SR3 will authenticate any username and password combination.
Learn more about our Cis Benchmark Audit For Apache Tomcat.