Vulnerability Details: CVE-2020-12760
An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian before 2018.1.19 and 2019 before 2019.1.7. The ActiveMQ channel configuration allowed for arbitrary deserialization of Java objects (aka ActiveMQ Minion payload deserialization), leading to remote code execution for any authenticated channel user regardless of its assigned permissions.
Vulnerability category: Execute code
Products affected by CVE-2020-12760
- cpe:2.3:a:opennms:opennms_horizon:*:*:*:*:*:*:*:*
- cpe:2.3:a:opennms:opennms_meridian:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-12760
- EPSS score: 0.35% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~68% (the proportion of vulnerabilities scored at or below this score)
CVSS scores for CVE-2020-12760
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
| 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P | 8.0 | 6.4 | NIST | |
| 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST | |
CWE ids for CVE-2020-12760
- The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid. Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-12760
- https://www.opennms.com/en/blog/2020-04-29-opennms-meridian-2019-1-6-europa-released/ : OpenNMS Meridian 2019.1.6 (Europa) Released – The OpenNMS Group, Inc. (Release Notes; Vendor Advisory)
- https://www.opennms.com/en/blog/2020-04-29-opennms-meridian-2018-1-18-wildfire-released/ : OpenNMS Meridian 2018.1.18 (Wildfire) Released – The OpenNMS Group, Inc. (Release Notes; Vendor Advisory)
- https://www.opennms.com/en/blog/2020-04-29-opennms-horizon-26-0-1-luchador-released/ : OpenNMS Horizon 26.0.1 (Luchador) Released – The OpenNMS Group, Inc. (Release Notes; Vendor Advisory)
- https://github.com/OpenNMS/opennms/releases/tag/opennms-26.0.1-1 : Release OpenNMS Horizon 26.0.1 (Luchador) · OpenNMS/opennms · GitHub (Release Notes)
- https://issues.opennms.org/browse/NMS-12673 : [NMS-12673] Authenticated RCE vulnerability via ActiveMQ Minion payload deserialization - The OpenNMS Issue Tracker (Vendor Advisory)