Known Vulnerabilities for Meridian by Opennms
Listed below are 10 of the newest known vulnerabilities associated with "Meridian" by "Opennms".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-40612 json | In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2, the file editor which is accessible to any user with ROLE_FILESYS... | 8 - HIGH | 2023-08-23 | 2023-08-30 |
| CVE-2023-40315 json | In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 and related Meridian versions, any user that has the ROLE_FILESYST... | 8 - HIGH | 2023-08-17 | 2023-08-23 |
| CVE-2023-40313 json | A BeanShell interpreter in remote server mode runs in OpenMNS Horizon versions earlier than 32.0.2 and in related Meridian ve... | 8.8 - HIGH | 2023-08-17 | 2023-08-23 |
| CVE-2023-40312 json | Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions e... | 5.2 - MEDIUM | 2023-08-14 | 2023-08-23 |
| CVE-2023-40311 json | Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earl... | 4.8 - MEDIUM | 2023-08-14 | 2023-08-23 |
| CVE-2023-0872 json | The Horizon REST API includes a users endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platfor... | 8 - HIGH | 2023-08-14 | 2023-08-21 |
| CVE-2023-0871 json | XXE injection in /rtc/post/ endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vul... | 6.1 - MEDIUM | 2023-08-11 | 2023-08-22 |
| CVE-2023-0870 json | A form can be manipulated with cross-site request forgery in multiple versions of OpenNMS Meridian and Horizon. This can pote... | 6.7 - MEDIUM | 2023-03-22 | 2023-11-07 |
| CVE-2023-0869 json | Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to con... | 6.1 - MEDIUM | 2023-02-23 | 2023-11-07 |
| CVE-2023-0868 json | Reflected cross-site scripting in graph results in multiple versions of OpenNMS Meridian and Horizon could allow an attacker ... | 6.1 - MEDIUM | 2023-02-23 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Opennms | Meridian | 2019.1.6 | |||
| Application | Opennms | Meridian | 2019.1.5 | |||
| Application | Opennms | Meridian | 2019.1.4 | |||
| Application | Opennms | Meridian | 2019.1.3 | |||
| Application | Opennms | Meridian | 2019.1.2 | |||
| Application | Opennms | Meridian | 2019.1.1 | |||
| Application | Opennms | Meridian | 2019.1.0 | |||
| Application | Opennms | Meridian | 2019 | |||
| Application | Opennms | Meridian | 2018.1.9 | |||
| Application | Opennms | Meridian | 2018.1.8 | |||
| Application | Opennms | Meridian | 2018.1.7 | |||
| Application | Opennms | Meridian | 2018.1.6 | |||
| Application | Opennms | Meridian | 2018.1.5 | |||
| Application | Opennms | Meridian | 2018.1.4 | |||
| Application | Opennms | Meridian | 2018.1.3 | |||
| Application | Opennms | Meridian | 2018.1.2 | |||
| Application | Opennms | Meridian | 2018.1.16 | |||
| Application | Opennms | Meridian | 2018.1.15 | |||
| Application | Opennms | Meridian | 2018.1.14 | |||
| Application | Opennms | Meridian | 2018.1.13 |