Blog Category: News

OpenNMS + SpringShell CVE-2022-22965

OpenNMS and the Spring Core Remote Code Execution Vulnerability (SpringShell) CVE-2022-22965A serious remote code execution (RCE) vulnerability exists in some versions of the Spring Framework, which is used by OpenNMS Meridian and Horizon. OpenNMS Meridian and Horizon are not known to be vulnerable because the published exploit for this RCE requires: All Attributes Required for [...]

By |2022-11-17T18:42:44+00:00April 1st, 2022|

OpenNMS Products Affected by Apache Log4j Vulnerability CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 (updated Dec. 20, 2021)

Serious remote code execution (RCE) and denial of service (DOS) vulnerabilities in Apache Log4j could affect customers running some OpenNMS products. These vulnerabilities could allow an attacker to shut down or compromise your system by causing OpenNMS to log specially crafted messages into system log files for malicious purposes. Apache Log4j could interpret one of those [...]

By |2021-12-20T21:00:33+00:00December 10th, 2021|
Go to Top