ROLE_FILESYSTEM_EDITOR Can Be Used To Escalate To ROLE_ADMIN
CVE-2023-40315

8HIGH

Key Information:

Vendor: The Opennms Group
Status: Horizon; Meridian
Vendor: CVE Published:; 17 August 2023

🔔 Create The Opennms Group Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2023-40315?

In versions of OpenMNS Horizon prior to 32.0.2 and Meridian earlier than 2023.1.5, a vulnerability exists that allows users with the ROLE_FILESYSTEM_EDITOR to elevate their permissions to ROLE_ADMIN or other roles. This could lead to unauthorized access and control over organizational resources. Users are advised to upgrade to the latest versions to mitigate this risk. Installation of OpenNMS products should be limited to private networks and not accessible directly from the Internet.

Affected Version(s)

Horizon Windows 31.0.8 < 32.0.2

Meridian Windows 2023.0.0 < 2023.1.5

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2023-40315
Created by Rapid7

References

https://github.com/OpenNMS/opennms/pull/6250

https://docs.opennms.com/meridian/2023/releasenotes/chang...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Dec 13, 2023
👾
Exploit known to exist
Dec 13, 2023
Vulnerability published
Aug 17, 2023
Vulnerability Reserved
Aug 14, 2023

Credit

Erik Wynter