5 matches found
CVE-2020-11886
OpenNMS Horizon and Meridian allows HQL Injection in element/nodeList.htm aka the NodeListController via snmpParm or snmpParmValue to addCriteriaForSnmpParm. This affects Horizon before 25.2.1, Meridian 2019 before 2019.1.4, Meridian 2018 before 2018.1.16, and Meridian 2017 before 2017.1.21...
CVE-2020-11886
OpenNMS Horizon and Meridian allows HQL Injection in element/nodeList.htm aka the NodeListController via snmpParm or snmpParmValue to addCriteriaForSnmpParm. This affects Horizon before 25.2.1, Meridian 2019 before 2019.1.4, Meridian 2018 before 2018.1.16, and Meridian 2017 before 2017.1.21...
Sql injection
OpenNMS Horizon and Meridian allows HQL Injection in element/nodeList.htm aka the NodeListController via snmpParm or snmpParmValue to addCriteriaForSnmpParm. This affects Horizon before 25.2.1, Meridian 2019 before 2019.1.4, Meridian 2018 before 2018.1.16, and Meridian 2017 before 2017.1.21...
CVE-2020-11886
OpenNMS Horizon and Meridian are affected by CVE-2020-11886 due to a HQL Injection vulnerability in the NodeListController (element/nodeList.htm) reachable via snmpParms. The issue allows adding criteria through snmpParm or snmpParmValue, enabling injection in the HQL query. Affected versions are...
CVE-2020-11886
OpenNMS Horizon and Meridian allows HQL Injection in element/nodeList.htm aka the NodeListController via snmpParm or snmpParmValue to addCriteriaForSnmpParm. This affects Horizon before 25.2.1, Meridian 2019 before 2019.1.4, Meridian 2018 before 2018.1.16, and Meridian 2017 before 2017.1.21...