Open NMS | Log4j Vulnerability

Almost all of the OpenNMS products like Horizon, Meridian (including derived Minions and Sentinels), Minion appliance and PoweredBy OpenNMS have been affected by Log4j Vulnerability. Workarounds given earlier for these products have been withdrawn as the NMS team has asked the customers to upgrade to the latest versions of Horizon and Median (29.0.3). For OpenNMS the user has to upgrade to log4j manually in their code as per the Advisory

OpenNMSVersionsStatusSource
Horizon (including derived Sentinels)<= 29.0.3Vulnerablesource
Meridian (including derived Minions and Sentinels)< 2021.1.8, 2020.1.15, 2019.1.27 Vulnerablesource
Minion appliance All Vulnerablesource
PoweredBy OpenNMS All Vulnerablesource
Source: https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/
Scroll to Top