CVE-2021-25929 - Vulnerability Details - OpenCVE

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since there is no validation on the input being sent to the `name` parameter in `noticeWizard` endpoint. Due to this flaw an authenticated attacker could inject arbitrary script and trick other admin users into downloading malicious files.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00449.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Opennms	Horizon Meridian

Configuration 1 [-]

OR	cpe:2.3:a:opennms:horizon::::::::
	cpe:2.3:a:opennms:meridian::::::::
	cpe:2.3:a:opennms:meridian::::::::

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2021-1120	Cross-site Scripting in OpenNMS Horizon
Github GHSA	GHSA-jmv4-73v2-pvgc	Cross-site Scripting in OpenNMS Horizon

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2
https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929

History

Wed, 30 Apr 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Mend

Published: 2021-05-20T14:09:45.000Z

Updated: 2025-04-30T20:22:43.392Z

Reserved: 2021-01-22T00:00:00.000Z

Link: CVE-2021-25929

Vulnrichment

Updated: 2024-08-03T20:11:28.461Z

NVD

Status : Modified

Published: 2021-05-20T15:15:07.603

Modified: 2025-04-30T21:15:50.443

Link: CVE-2021-25929

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "OpenNMS", "vendor": "n/a", "versions": [{"status": "affected", "version": "opennms-1-0-stable,opennms-1.0.1 through opennms-27.1.0-1,meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1,meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1"}]}], "descriptions": [{"lang": "en", "value": "In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since there is no validation on the input being sent to the `name` parameter in `noticeWizard` endpoint. Due to this flaw an authenticated attacker could inject arbitrary script and trick other admin users into downloading malicious files."}], "problemTypes": [{"descriptions": [{"description": "Cross-Site Scripting", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-05-20T14:25:07.000Z", "orgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "shortName": "Mend"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c"}, {"tags": ["x_refsource_MISC"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com", "ID": "CVE-2021-25929", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "OpenNMS", "version": {"version_data": [{"version_value": "opennms-1-0-stable,opennms-1.0.1 through opennms-27.1.0-1,meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1,meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since there is no validation on the input being sent to the `name` parameter in `noticeWizard` endpoint. Due to this flaw an authenticated attacker could inject arbitrary script and trick other admin users into downloading malicious files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-Site Scripting"}]}]}, "references": {"reference_data": [{"name": "https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c", "refsource": "MISC", "url": "https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c"}, {"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929", "refsource": "MISC", "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929"}, {"name": "https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2", "refsource": "MISC", "url": "https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:11:28.461Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-04-30T18:46:52.532722Z", "id": "CVE-2021-25929", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-30T20:22:43.392Z"}}]}, "cveMetadata": {"assignerOrgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "assignerShortName": "Mend", "cveId": "CVE-2021-25929", "datePublished": "2021-05-20T14:09:45.000Z", "dateReserved": "2021-01-22T00:00:00.000Z", "dateUpdated": "2025-04-30T20:22:43.392Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:11:28.461Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-25929", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-30T18:46:52.532722Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-30T18:48:12.243Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "OpenNMS", "versions": [{"status": "affected", "version": "opennms-1-0-stable,opennms-1.0.1 through opennms-27.1.0-1,meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1,meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1"}]}], "references": [{"url": "https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c", "tags": ["x_refsource_MISC"]}, {"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since there is no validation on the input being sent to the `name` parameter in `noticeWizard` endpoint. Due to this flaw an authenticated attacker could inject arbitrary script and trick other admin users into downloading malicious files."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Cross-Site Scripting"}]}], "providerMetadata": {"orgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "shortName": "Mend", "dateUpdated": "2021-05-20T14:25:07.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "opennms-1-0-stable,opennms-1.0.1 through opennms-27.1.0-1,meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1,meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1"}]}, "product_name": "OpenNMS"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c", "name": "https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c", "refsource": "MISC"}, {"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929", "name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929", "refsource": "MISC"}, {"url": "https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2", "name": "https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since there is no validation on the input being sent to the `name` parameter in `noticeWizard` endpoint. Due to this flaw an authenticated attacker could inject arbitrary script and trick other admin users into downloading malicious files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-Site Scripting"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-25929", "STATE": "PUBLIC", "ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com"}}}}, "cveMetadata": {"cveId": "CVE-2021-25929", "state": "PUBLISHED", "dateUpdated": "2025-04-30T20:22:43.392Z", "dateReserved": "2021-01-22T00:00:00.000Z", "assignerOrgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "datePublished": "2021-05-20T14:09:45.000Z", "assignerShortName": "Mend"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opennms:horizon:*:*:*:*:*:*:*:*", "matchCriteriaId": "B38D9FCC-AF2B-46B6-9573-04EE36A2BAEB", "versionEndExcluding": "27.1.1", "versionStartIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBFB1241-8D42-4F61-B855-210D963B4B4E", "versionEndExcluding": "2019.1.19", "versionStartIncluding": "2015.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*", "matchCriteriaId": "492F27E1-43CF-4823-B132-DC2730CB8CEA", "versionEndExcluding": "2020.1.7", "versionStartIncluding": "2020.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since there is no validation on the input being sent to the `name` parameter in `noticeWizard` endpoint. Due to this flaw an authenticated attacker could inject arbitrary script and trick other admin users into downloading malicious files."}, {"lang": "es", "value": "En OpenNMS Horizon, versiones opennms-1-0-stable hasta opennms-27.1.0-1; OpenNMS Meridian, versiones meridian-foundation-2015.1.0-1 hasta meridian-foundation-2019.1.18-1; versiones meridian-foundation-2020.1.0-1 hasta meridian-foundation-2020.1.6-1, son vulnerables a ataque de tipo Cross-Site Scripting almacenado, ya que no presenta comprobaci\u00f3n en la entrada que ha sido enviada al par\u00e1metro \"name\" en el endpoint \"noticeWizard\". Debido a este fallo, un atacante autenticado podr\u00eda inyectar un script arbitrario y enga\u00f1ar a otros usuarios administradores para que descarguen archivos maliciosos"}], "id": "CVE-2021-25929", "lastModified": "2025-04-30T21:15:50.443", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2021-05-20T15:15:07.603", "references": [{"source": "vulnerabilitylab@mend.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2"}, {"source": "vulnerabilitylab@mend.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c"}, {"source": "vulnerabilitylab@mend.io", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OpenNMS/opennms/commit/66c1f626bf38a7d1a9530b4d68598269ee5245a2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929"}], "sourceIdentifier": "vulnerabilitylab@mend.io", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}