CVE-2023-0872 ROLE_REST can be used to escalate to ROLE_ADMIN via /rest/users

🗓️ 14 Aug 2023 17:21:58Reported by OpenNMSType

Vulnerability in OpenMNS Horizon REST API version 31.0.8 and earlier, CVE-2023-0872

Reporter	Title	Published	Views	Family All 15
0day.today	OpenNMS Horizon 31.0.7 Remote Command Execution Exploit	27 Mar 202400:00	–	zdt
Circl	CVE-2023-0872	14 Aug 202322:19	–	circl
CNNVD	OpenNMS Horizon 安全漏洞	25 Mar 202300:00	–	cnnvd
CVE	CVE-2023-0872	14 Aug 202317:21	–	cve
EUVD	EUVD-2023-2369	3 Oct 202520:07	–	euvd
Github Security Blog	OpenNMS privilege elevation vulnerability	14 Aug 202318:32	–	github
Metasploit	OpenNMS Horizon Authenticated RCE	21 Mar 202419:49	–	metasploit
NVD	CVE-2023-0872	14 Aug 202318:15	–	nvd
OSV	GHSA-W5GQ-XRRP-3FXF OpenNMS privilege elevation vulnerability	14 Aug 202318:32	–	osv
Packet Storm	OpenNMS Horizon 31.0.7 Remote Command Execution	21 Mar 202400:00	–	packetstorm

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "MacOS",
      "Linux"
    ],
    "product": "Horizon",
    "repo": "https://github.com/OpenNMS/opennms",
    "vendor": "The OpenNMS Group",
    "versions": [
      {
        "lessThan": "32.0.2",
        "status": "affected",
        "version": "31.0.8",
        "versionType": "maven"
      },
      {
        "lessThan": "31.0.8",
        "status": "unknown",
        "version": "0",
        "versionType": "maven"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "MacOS",
      "Linux"
    ],
    "product": "Meridian",
    "repo": "https://github.com/OpenNMS/opennms",
    "vendor": "The OpenNMS Group",
    "versions": [
      {
        "lessThanOrEqual": "2020.1.37",
        "status": "affected",
        "version": "2020.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "2021.1.29",
        "status": "affected",
        "version": "2021.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "2022.1.18",
        "status": "affected",
        "version": "2022.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "2023.1.5",
        "status": "affected",
        "version": "2023.0.0",
        "versionType": "maven"
      }
    ]
  }
]

Source	Link
github	www.github.com/OpenNMS/opennms/pull/6354
docs	www.docs.opennms.com/horizon/32/releasenotes/changelog.html

14 Aug 2023 17:21Current

8.3High risk

Vulners AI Score8.3

CVSS 3.18.2

EPSS0.03475

CWE-269