Password Cache Persistence Vulnerability in OpenDaylight Karaf 0.6.1-Carbon

Password Cache Persistence Vulnerability in OpenDaylight Karaf 0.6.1-Carbon

CVE-2017-1000406 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart).

Learn more about our Web Application Penetration Testing UK.