cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-45931,https://securityvulnerability.io/vulnerability/CVE-2022-45931,SQL Injection Vulnerability in OpenDaylight's AAA Component,"A SQL injection vulnerability exists in the AAA component of OpenDaylight, specifically in the deleteUser function of the UserStore class. When interacting with the API endpoint /auth/v1/users/, an attacker could manipulate input parameters to execute arbitrary SQL commands, potentially compromising the integrity and confidentiality of the database. This issue affects versions of OpenDaylight AAA prior to 0.16.5 and necessitates prompt action to mitigate risks.",Linux,Opendaylight,7.5,HIGH,0.0006200000061653554,false,,false,false,false,,,false,false,,2022-11-27T00:00:00.000Z,0
CVE-2022-45932,https://securityvulnerability.io/vulnerability/CVE-2022-45932,SQL Injection Vulnerability in OpenDaylight AAA Component,"A SQL injection vulnerability exists in the OpenDaylight AAA component that allows an attacker to craft malicious API requests targeting the /auth/v1/roles/ endpoint. Specifically, the issue lies within the deleteRole function located in the RoleStore class, which fails to properly sanitize input parameters, enabling the manipulation of database queries. This flaw could potentially lead to unauthorized access or modification of user roles, posing significant risks to the integrity of access controls within the OpenDaylight framework.",Linux,Opendaylight,7.5,HIGH,0.000699999975040555,false,,false,false,false,,,false,false,,2022-11-27T00:00:00.000Z,0
CVE-2022-45930,https://securityvulnerability.io/vulnerability/CVE-2022-45930,SQL Injection Vulnerability in OpenDaylight AAA Component,"A SQL injection vulnerability was identified in the OpenDaylight AAA component, specifically targeting the deleteDomain function within the DomainStore class. This flaw impacts versions prior to 0.16.5 and affects the /auth/v1/domains/ API interface, potentially allowing attackers to manipulate database queries, leading to unauthorized data access and modifications. It is crucial for users operating affected versions to apply security updates promptly to mitigate risks associated with this vulnerability.",Linux,Opendaylight,7.5,HIGH,0.000699999975040555,false,,false,false,false,,,false,false,,2022-11-27T00:00:00.000Z,0
CVE-2015-1857,https://securityvulnerability.io/vulnerability/CVE-2015-1857,,The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions.,Linux,Opendaylight,5.3,MEDIUM,0.0017500000540167093,false,,false,false,false,,,false,false,,2018-04-27T16:00:00.000Z,0