Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2012-0936
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 4.3/10
- Exploit Score
- 8.6/10
- Access Vector
- Network
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- None
- Availability Impact
- None
- Integrity Impact
- Partial
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:opennms.org:opennms:1.8.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.12:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.15:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.14:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.13:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.16:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.8.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.6.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.1.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.5.99:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.0.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.6.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.9.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.2.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.1.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.5.97:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.4.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.2.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.5.91:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.2.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.9.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.7.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.2.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.2.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.5.96:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.5.92:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.90:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.9.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.1.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.91:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.7.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.7.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.1.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.2.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.9.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.2.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.9.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.5.94:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.5.90:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.8.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.92:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.92:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.8.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:*:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.9.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.2.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.9.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.1.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.5.98:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.2.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.0.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.6.1--2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.9.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.3.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.5.93:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.6.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.6.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.2.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.91:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.9.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:0.7.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.7.90:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.3.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.5.95:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.1.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:opennms.org:opennms:1.10.0:*:*:*:*:*:*:* |
Yes
|
- | - |
References
- http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetab
- http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/jav
- http://secunia.com/advisories/47646
- http://www.securityfocus.com/bid/51632
- http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7
- http://osvdb.org/78454
- http://issues.opennms.org/browse/NMS/fixforversion/10825
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72625