CVE-2019-16301

Name of the Vulnerable Software and Affected Versions Open Network Operating System (ONOS) version 1.14

Description An issue was discovered in the virtual tenant network application (org.onosproject.vtn) where the host event listener does not handle the HOST MOVED event type. This could lead to the absence of intended code execution when combined with other applications.

Recommendations For Open Network Operating System (ONOS) version 1.14, consider temporarily disabling the host event listener in the virtual tenant network application until a patch is available. Restrict access to the virtual tenant network application to minimize the risk of exploitation. Avoid using the HOST MOVED event type in the affected application until the issue is resolved.