CVE-2021-25931

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection at /opennms/admin/userGroupView/users/updateUser. This flaw allows assigning ROLE_ADMIN security role to a normal user. Using this flaw, an attacker can trick the admin user to assign administrator privileges to a normal user by enticing him to click upon an attacker-controlled website.

Published: May 20, 2021
Updated: May 9, 2024
CVE: CVE-2021-25931
GHSA: GHSA-2rq5-68hm-h4j8
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
opennms / meridian	2020.1.0	2020.1.7
opennms / horizon	1.0	27.1.1
opennms / meridian	2015.1.0	2019.1.19
org.opennms / opennms	1.0.0	27.1.1

Vulnerability Database

289,697

CVE-2021-25931