CVE-2019-16298

{"id": "CVE-2019-16298", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-02-20T22:15:11.490", "references": [{"url": "https://www.ndss-symposium.org/wp-content/uploads/2020/02/24080.pdf", "tags": ["Technical Description", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-755"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Open Network Operating System (ONOS) 1.14. In the virtual broadband network gateway application (org.onosproject.virtualbng), the host event listener does not handle the following event types: HOST_MOVED, HOST_REMOVED, HOST_UPDATED. In combination with other applications, this could lead to the absence of intended code execution."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Open Network Operating System (ONOS) versi\u00f3n 1.14. En la aplicaci\u00f3n virtual broadband network gateway (org.onosproject.virtualbng), el listener de eventos del host no maneja los siguientes tipos de eventos: HOST_MOVED, HOST_REMOVED, HOST_UPDATED. En combinaci\u00f3n con otras aplicaciones, esto podr\u00eda conllevar a la ausencia de ejecuci\u00f3n de c\u00f3digo prevista."}], "lastModified": "2020-02-25T15:47:00.743", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linuxfoundation:open_network_operating_system:1.14.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2817E98-889C-440F-9DFC-A81DAB7D47F6"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}