CVE-2012-0936

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2012-0936
Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a
http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs Vendor Advisory
http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel
http://issues.opennms.org/browse/NMS/fixforversion/10825
http://osvdb.org/78454
http://secunia.com/advisories/47646 Vendor Advisory
http://www.securityfocus.com/bid/51632
https://exchange.xforce.ibmcloud.com/vulnerabilities/72625
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:opennms.org:opennms:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.5:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.6:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.7:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.8:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.9:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.10:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.11:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.12:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.13:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.14:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.15:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.8.16:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:opennms.org:opennms:*:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.6.1--2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.7.5:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.7:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.9:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.3.11:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.5.90:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.5.91:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.5.92:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.5.93:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.5.94:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.5.95:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.5.96:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.5.97:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.5.98:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.5.99:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.5:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.6:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.7:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.8:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.9:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.10:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.6.11:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.6:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.7:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.8:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.9:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.10:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.90:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.91:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.7.92:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.3:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.4:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.5:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.6:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.7:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.8:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.90:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.91:*:*:*:*:*:*:*
cpe:2.3:a:opennms.org:opennms:1.9.92:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:opennms.org:opennms:1.10.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2012-01-29 04:04

Updated : 2024-02-04 17:54

NVD link : CVE-2012-0936

Mitre link : CVE-2012-0936

CVE.ORG link : CVE-2012-0936

JSON object : View

Products Affected

opennms.org

  • opennms
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')