Insecure Input Validation in Floodlight 1.2's StaticFlowEntryPusherResource.java
CVE-2020-18685 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of unchecked prerequisites related to TCP or UDP ports, or group or table IDs.
Learn more about our Web Application Penetration Testing UK.