Known Vulnerabilities for products from Opennms
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Opennms".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-40612 json | In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2, the file editor which is accessible to any user with ROLE_FILESYS... | 8 - HIGH | 2023-08-23 | 2023-08-30 |
| CVE-2023-40315 json | In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 and related Meridian versions, any user that has the ROLE_FILESYST... | 8 - HIGH | 2023-08-17 | 2023-08-23 |
| CVE-2023-40313 json | A BeanShell interpreter in remote server mode runs in OpenMNS Horizon versions earlier than 32.0.2 and in related Meridian ve... | 8.8 - HIGH | 2023-08-17 | 2023-08-23 |
| CVE-2023-40312 json | Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions e... | 5.2 - MEDIUM | 2023-08-14 | 2023-08-23 |
| CVE-2023-40311 json | Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earl... | 4.8 - MEDIUM | 2023-08-14 | 2023-08-23 |
| CVE-2023-0872 json | The Horizon REST API includes a users endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platfor... | 8 - HIGH | 2023-08-14 | 2023-08-21 |
| CVE-2023-0871 json | XXE injection in /rtc/post/ endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vul... | 6.1 - MEDIUM | 2023-08-11 | 2023-08-22 |
| CVE-2023-0870 json | A form can be manipulated with cross-site request forgery in multiple versions of OpenNMS Meridian and Horizon. This can pote... | 6.7 - MEDIUM | 2023-03-22 | 2023-11-07 |
| CVE-2023-0869 json | Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to con... | 6.1 - MEDIUM | 2023-02-23 | 2023-11-07 |
| CVE-2023-0868 json | Reflected cross-site scripting in graph results in multiple versions of OpenNMS Meridian and Horizon could allow an attacker ... | 6.1 - MEDIUM | 2023-02-23 | 2023-11-07 |
| CVE-2023-0867 json | Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridi... | 6.1 - MEDIUM | 2023-02-23 | 2023-11-07 |
| CVE-2023-0846 json | Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon a... | 6.1 - MEDIUM | 2023-02-22 | 2023-11-07 |
| CVE-2023-0815 json | Potential Insertion of Sensitive Information into Jetty Log Files in multiple versions of OpenNMS Meridian and Horizon could ... | 6.5 - MEDIUM | 2023-02-23 | 2023-11-07 |
| CVE-2021-25935 json | In OpenNMS Horizon, versions opennms-17.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1... | 5.4 - MEDIUM | 2021-05-25 | 2021-06-03 |
| CVE-2021-25934 json | In OpenNMS Horizon, versions opennms-18.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1... | 5.4 - MEDIUM | 2021-05-25 | 2021-06-03 |
| CVE-2021-25933 json | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015... | 4.8 - MEDIUM | 2021-05-20 | 2023-11-07 |
| CVE-2021-25932 json | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015... | 5.4 - MEDIUM | 2021-06-01 | 2021-06-11 |
| CVE-2021-25931 json | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015... | 8.8 - HIGH | 2021-05-20 | 2021-05-26 |
| CVE-2021-25930 json | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015... | 4.3 - MEDIUM | 2021-05-20 | 2021-05-26 |
| CVE-2021-25929 json | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015... | 4.8 - MEDIUM | 2021-05-20 | 2021-05-26 |
Known software with vulnerabilities from Opennms
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Opennms | Horizon | 17.0.0 |
| Application | Opennms | Meridian | 2017 |
| Application | Opennms | Opennms | - |
| Application | Opennms | Opennms Horizon | 26.1.0 |
| Application | Opennms | Opennms Meridian | 2018.1.19 |