CVE-2019-16298
HIGHONOS Virtual Broadband Network Gateway Host Event Listener Exception Handling Vulnerability
Title source: llmDescription
An issue was discovered in Open Network Operating System (ONOS) 1.14. In the virtual broadband network gateway application (org.onosproject.virtualbng), the host event listener does not handle the following event types: HOST_MOVED, HOST_REMOVED, HOST_UPDATED. In combination with other applications, this could lead to the absence of intended code execution.
References (1)
Core 1
Core References
Technical Description, Third Party Advisory x_refsource_misc
https://www.ndss-symposium.org/wp-content/uploads/2020/02/24080.pdf
Scores
CVSS v3
7.5
EPSS
0.0061
EPSS Percentile
70.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-755
Status
published
Products (1)
linuxfoundation/open_network_operating_system
1.14.0
Published
Feb 20, 2020
Tracked Since
Feb 18, 2026