Filtered by vendor Opennms
Subscribe
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12760 | 1 Opennms | 2 Opennms Horizon, Opennms Meridian | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian before 2018.1.19 and 2019 before 2019.1.7. The ActiveMQ channel configuration allowed for arbitrary deserialization of Java objects (aka ActiveMQ Minion payload deserialization), leading to remote code execution for any authenticated channel user regardless of its assigned permissions. | |||||
| CVE-2020-1652 | 1 Opennms | 1 Opennms | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| OpenNMS is accessible via port 9443 | |||||
| CVE-2015-7856 | 1 Opennms | 1 Opennms | 2024-02-04 | 10.0 HIGH | N/A |
| OpenNMS has a default password of rtc for the rtc account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials. | |||||
| CVE-2014-3960 | 1 Opennms | 1 Opennms | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.12.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-6095 | 1 Opennms | 1 Opennms | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in surveillanceView.htm in OpenNMS 1.5.94 allows remote attackers to inject arbitrary web script or HTML via the viewName parameter. | |||||