Cross site request forgery (csrf)

2021-05-2015:15:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.6%

JSON

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection at /opennms/admin/userGroupView/users/updateUser. This flaw allows assigning ROLE_ADMIN security role to a normal user. Using this flaw, an attacker can trick the admin user to assign administrator privileges to a normal user by enticing him to click upon an attacker-controlled website.

CPENameOperatorVersion
horizonge1.0
horizonlt27.1.1
meridiange2020.1.0
meridianlt2020.1.7
meridiange2015.1.0
meridianlt2019.1.19

Name	Operator	Version
horizon	ge	1.0
horizon	lt	27.1.1
meridian	ge	2020.1.0
meridian	lt	2020.1.7
meridian	ge	2015.1.0
meridian	lt	2019.1.19

References

github.com/OpenNMS/opennms/commit/607151ea8f90212a3fb37c977fa57c7d58d26a84

github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c

www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25931