Security of Software Defined Networking (SDN) is an open issue due to many reasons. Security requirements were not considered in the primary definition of SDN. As a consequence, SDN enlarges the network vulnerability surface by introducing new vulnerabilities that did not exist in the conventional networking architecture. In addition, there are neither security risk management processes neither mathematical models that address specifically SDN security and the influence of its specific features. In this context, we provide a vulnerability analysis for SDN in order to study its weaknesses and to measure their impacts. Our analysis specifies a model of SDN assets that need to be protected. Then, it derives 90 SDN generic vulnerabilities using standardized security objectives. It relies on an open standardized semi qualitative semi quantitative scoring system to calculate the severities of theses vulnerabilities. Then, it adapts them to SDN specific features using Analytical Hierarchical Process.