An issue was discovered in Open Network Operating System (ONOS) 1.14. In the Ethernet VPN application (org.onosproject.evpnopenflow), the host event listener does not handle the following event types: HOST_MOVED, HOST_UPDATED. In combination with other applications, this could lead to the absence of intended code execution.
References
Link | Resource |
---|---|
https://www.ndss-symposium.org/wp-content/uploads/2020/02/24080.pdf | Technical Description Third Party Advisory |
Configurations
Information
Published : 2020-02-20 14:15
Updated : 2020-02-25 08:04
NVD link : CVE-2019-16302
Mitre link : CVE-2019-16302
JSON object : View
CWE
CWE-755
Improper Handling of Exceptional Conditions
Products Affected
linuxfoundation
- open_network_operating_system