Secure OpenNMS Meridian: Get started with the reference architecture
Secure your Meridian deployment Simply deploying a monitoring solution, like OpenNMS Meridian, opens up new security challenges and implications. Fortunately, [...]
What is Network Segmentation?
Network segmentation is the process of dividing a network into smaller, more manageable pieces (segments) to improve its security posture. [...]
Security update: Mandatory GPG key rotation for Meridian and Horizon
In the wake of the CircleCI breach, we have been reviewing policies and updating keys and tokens used in our [...]
2022 Cybersecurity Awareness Month
October’s Cybersecurity Awareness Month seems like a great time to discuss the improvements we are making at The OpenNMS Group [...]
OpenNMS is now a CNA!
The security team at The OpenNMS Group has partnered with MITRE to become a Common Vulnerability and Exposures (CVE) Numbering [...]
OpenNMS + SpringShell CVE-2022-22965
Spring Core Remote Code Execution Vulnerability (SpringShell) CVE-2022-22965 A serious remote code execution (RCE) vulnerability exists in some versions of [...]
Security Releases – Horizon 29.0.4, Meridian 2021.1.9, 2020.1.17, 2019.1.28
(deep breath) Today we released off-cycle updates to all OpenNMS Meridian versions under active support, as well as Horizon 29, to address additional Log4j2 "Log4Shell" vulnerabilities.
Security Releases – Horizon 29.0.3, Meridians 2021.1.8, 2020.1.16, 2019.1.27
Today we released updates to all OpenNMS Meridian versions under active support, as well as Horizon 29, to address the Log4j2 "Log4Shell" vulnerability.
OpenNMS Products Affected by Apache Log4j Vulnerability CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 (updated Dec. 20, 2021)
Updates The log4j.formatMsgNoLookups work-around is no longer recommended. We are evaluating CVE-2021-45105 and at this time do not believe our [...]
CVE-2021-3396: Full Security Disclosure
OpenNMS Security Issue Requires Immediate Upgrade The OpenNMS Group recently learned about and fixed a security vulnerability that allowed local [...]
Secure OpenNMS Meridian: Get started with the reference architecture
Secure your Meridian deployment Simply deploying a monitoring solution, like OpenNMS Meridian, opens up new security challenges and implications. Fortunately, [...]
What is Network Segmentation?
Network segmentation is the process of dividing a network into smaller, more manageable pieces (segments) to improve its security posture. [...]
Security update: Mandatory GPG key rotation for Meridian and Horizon
In the wake of the CircleCI breach, we have been reviewing policies and updating keys and tokens used in our [...]
2022 Cybersecurity Awareness Month
October’s Cybersecurity Awareness Month seems like a great time to discuss the improvements we are making at The OpenNMS Group [...]
OpenNMS is now a CNA!
The security team at The OpenNMS Group has partnered with MITRE to become a Common Vulnerability and Exposures (CVE) Numbering [...]
OpenNMS + SpringShell CVE-2022-22965
Spring Core Remote Code Execution Vulnerability (SpringShell) CVE-2022-22965 A serious remote code execution (RCE) vulnerability exists in some versions of [...]
Security Releases – Horizon 29.0.4, Meridian 2021.1.9, 2020.1.17, 2019.1.28
(deep breath) Today we released off-cycle updates to all OpenNMS Meridian versions under active support, as well as Horizon 29, to address additional Log4j2 "Log4Shell" vulnerabilities.
Security Releases – Horizon 29.0.3, Meridians 2021.1.8, 2020.1.16, 2019.1.27
Today we released updates to all OpenNMS Meridian versions under active support, as well as Horizon 29, to address the Log4j2 "Log4Shell" vulnerability.
OpenNMS Products Affected by Apache Log4j Vulnerability CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 (updated Dec. 20, 2021)
Updates The log4j.formatMsgNoLookups work-around is no longer recommended. We are evaluating CVE-2021-45105 and at this time do not believe our [...]
CVE-2021-3396: Full Security Disclosure
OpenNMS Security Issue Requires Immediate Upgrade The OpenNMS Group recently learned about and fixed a security vulnerability that allowed local [...]
