CVE-2021-25932
https://notcve.org/view.php?id=CVE-2021-25932
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting, since the function `validateFormInput()` performs improper validation checks on the input sent to the `userID` parameter. Due to this flaw an attacker could inject an arbitrary script which will be stored in the database. En OpenNMS Horizon, versiones opennms-1-0-stable hasta opennms-27.1.0-1; OpenNMS Meridian, versiones meridian-foundation-2015.1.0-1 hasta meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 hasta meridian-foundation-2020.1.6-1 son vulnerables a ataques de tipo Cross-Site Scripting almacenados, ya que la función "validateFormInput()" realiza comprobaciones de comprobación incorrectas en la entrada enviada al parámetro "userID" . Debido a este fallo, un atacante podría inyectar un script arbitrario que se almacenará en la base de datos • https://github.com/OpenNMS/opennms/commit/8a97e6869d6e49da18b208c837438ace80049c01 https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c https://github.com/OpenNMS/opennms/commit/f3ebfa3da5352b4d57f238b54c6db315ad99f10e https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25932 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-25934
https://notcve.org/view.php?id=CVE-2021-25934
In OpenNMS Horizon, versions opennms-18.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.7-1 are vulnerable to Stored Cross-Site Scripting, since the function `createRequisitionedNode()` does not perform any validation checks on the input sent to the `node-label` parameter. Due to this flaw an attacker could inject an arbitrary script which will be stored in the database. En OpenNMS Horizon, versiones opennms-18.0.0-1 hasta opennms-27.1.0-1; OpenNMS Meridian, versiones meridian-foundation-2015.1.0-1 hasta meridian-foundation-2019.1.18-1; versiones meridian-foundation-2020.1.0-1 hasta meridian-foundation-2020.1.7-1, son vulnerables a un ataque de tipo Cross-Site Scripting Almacenado, ya que la función "createRequisitionedNode()" no lleva a cabo ningún chequeo de comprobación en la entrada enviada hacia el parámetro "nodo -label". Debido a este fallo, un atacante podría inyectar un script arbitrario que será almacenado en la base de datos • https://github.com/OpenNMS/opennms/commit/101e3aa06ec9a1f8f266335fc6f5685c062c6117 https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25934 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-25935
https://notcve.org/view.php?id=CVE-2021-25935
In OpenNMS Horizon, versions opennms-17.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.7-1 are vulnerable to Stored Cross-Site Scripting, since the function `add()` performs improper validation checks on the input sent to the `foreign-source` parameter. Due to this flaw an attacker could bypass the existing regex validation and inject an arbitrary script which will be stored in the database. En OpenNMS Horizon, versiones opennms-17.0.0-1 hasta opennms-27.1.0-1; OpenNMS Meridian, versiones meridian-foundation-2015.1.0-1 hasta meridian-foundation-2019.1.18-1; versiones meridian-foundation-2020.1.0-1 hasta meridian-foundation-2020.1.7-1, son vulnerables a un ataque de tipo Cross-Site Scripting Almacenado, ya que la función "add()" lleva a cabo chequeos de comprobación inapropiadas en la entrada enviada hacia el parámetro "foreign-source". Debido a este fallo, un atacante podría omitir la Comprobación de expresiones regulares existente e inyectar un script arbitrario que será almacenado en la base de datos • https://github.com/OpenNMS/opennms/commit/101e3aa06ec9a1f8f266335fc6f5685c062c6117 https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25935 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-25933
https://notcve.org/view.php?id=CVE-2021-25933
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting, since the function `validateFormInput()` performs improper validation checks on the input sent to the `groupName` and `groupComment` parameters. Due to this flaw, an authenticated attacker could inject arbitrary script and trick other admin users into downloading malicious files which can cause severe damage to the organization using opennms. En OpenNMS Horizon, versiones opennms-1-0-stable hasta opennms-27.1.0-1; OpenNMS Meridian, versiones meridian-foundation-2015.1.0-1 hasta meridian-foundation-2019.1.18-1; versiones meridian-foundation-2020.1.0-1 hasta meridian-foundation-2020.1.6-1, son vulnerables a ataques de tipo Cross-Site Scripting almacenados, ya que la función "validateFormInput()" lleva a cabo validaciones de comprobación inapropiadas en la entrada enviada a los parámetros "groupName" y "groupComment". Debido a este fallo, un atacante autenticado podría inyectar un script arbitrario y engañar a otros usuarios administradores para que descarguen archivos maliciosos que pueden causar daños severos a la organización usando opennms • https://github.com/OpenNMS/opennms/commit/8a97e6869d6e49da18b208c837438ace80049c01%2C https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c https://github.com/OpenNMS/opennms/commit/f3ebfa3da5352b4d57f238b54c6db315ad99f10e https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25933 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-25931
https://notcve.org/view.php?id=CVE-2021-25931
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection at `/opennms/admin/userGroupView/users/updateUser`. This flaw allows assigning `ROLE_ADMIN` security role to a normal user. Using this flaw, an attacker can trick the admin user to assign administrator privileges to a normal user by enticing him to click upon an attacker-controlled website. En OpenNMS Horizon, versiones opennms-1-0-stable hasta opennms-27.1.0-1; OpenNMS Meridian, versiones meridian-foundation-2015.1.0-1 hasta meridian-foundation-2019.1.18-1; versiones meridian-foundation-2020.1.0-1 hasta meridian-foundation-2020.1.6-1, son vulnerables a ataques de tipo CSRF, debido a que no presenta protección de tipo CSRF en el parámetro "/opennms/admin/userGroupView/users/updateUser". Este fallo permite asignar el rol de seguridad "ROLE_ADMIN" a un usuario normal. • https://github.com/OpenNMS/opennms/commit/607151ea8f90212a3fb37c977fa57c7d58d26a84 https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25931 • CWE-352: Cross-Site Request Forgery (CSRF) •