CVE-2023-0870
- EPSS 0.04%
- Veröffentlicht 22.03.2023 19:15:11
- Zuletzt bearbeitet 21.11.2024 07:38:00
A form can be manipulated with cross-site request forgery in multiple versions of OpenNMS Meridian and Horizon. This can potentially allow an attacker to gain access to confidential information and compromise integrity. The solution is to upgrade to ...
CVE-2023-0869
- EPSS 0.32%
- Veröffentlicht 23.02.2023 15:15:11
- Zuletzt bearbeitet 21.11.2024 07:38:00
Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4 or newer. ...
CVE-2023-0868
- EPSS 0.52%
- Veröffentlicht 23.02.2023 15:15:11
- Zuletzt bearbeitet 21.11.2024 07:38:00
Reflected cross-site scripting in graph results in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to steal session cookies. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon ...
CVE-2023-0867
- EPSS 0.32%
- Veröffentlicht 23.02.2023 15:15:11
- Zuletzt bearbeitet 21.11.2024 07:38:00
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 ...
CVE-2023-0815
- EPSS 0.33%
- Veröffentlicht 23.02.2023 15:15:10
- Zuletzt bearbeitet 21.11.2024 07:37:53
Potential Insertion of Sensitive Information into Jetty Log Files in multiple versions of OpenNMS Meridian and Horizon could allow disclosure of usernames and passwords if the logging level is set to debug. Users should upgrade to Meridian 2023.1.0 o...
CVE-2023-0846
- EPSS 0.29%
- Veröffentlicht 22.02.2023 19:15:11
- Zuletzt bearbeitet 21.11.2024 07:37:56
Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or ...
CVE-2021-25935
- EPSS 0.26%
- Veröffentlicht 25.05.2021 19:15:07
- Zuletzt bearbeitet 21.11.2024 05:55:38
In OpenNMS Horizon, versions opennms-17.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.7-1 are vulne...
CVE-2021-25934
- EPSS 0.28%
- Veröffentlicht 25.05.2021 19:15:07
- Zuletzt bearbeitet 21.11.2024 05:55:38
In OpenNMS Horizon, versions opennms-18.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.7-1 are vulne...
CVE-2021-25933
- EPSS 0.49%
- Veröffentlicht 20.05.2021 15:15:07
- Zuletzt bearbeitet 30.04.2025 21:15:51
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vul...
CVE-2021-25931
- EPSS 0.22%
- Veröffentlicht 20.05.2021 15:15:07
- Zuletzt bearbeitet 30.04.2025 21:15:50
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vul...