OpenNMS Java Object Deserialization RCE

critical Nessus Plugin ID 87311

Synopsis

The remote OpenNMS server is affected by a remote code execution vulnerability.

Description

The remote OpenNMS server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this, by sending a crafted RMI request, to execute arbitrary code on the target host.

Solution

Ensure that all exposed ports used by the OpenNMS server, including the rmi_registry port which exists in default configurations on port 1099, are firewalled from any public networks.

See Also

http://www.nessus.org/u?9c6d83db

Plugin Details

Severity: Critical

ID: 87311

File Name: opennms_java_serialize.nasl

Version: 1.8

Type: remote

Family: Misc.

Published: 12/10/2015

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:opennms:opennms

Exploited by Nessus: true

Vulnerability Publication Date: 1/28/2015

Reference Information

CERT: 576313