Skip to content

Open NMS | Log4j Vulnerability

Almost all of the OpenNMS products like Horizon, Meridian (including derived Minions and Sentinels), Minion appliance and PoweredBy OpenNMS have been affected by Log4j Vulnerability. Workarounds given earlier for these products have been withdrawn as the NMS team has asked the customers to upgrade to the latest versions of Horizon and Median (29.0.3). For OpenNMS the user has to upgrade to log4j manually in their code as per the Advisory

OpenNMS VersionsStatusSource
Horizon (including derived Sentinels)<= 29.0.3Vulnerablesource
Meridian (including derived Minions and Sentinels)< 2021.1.8, 2020.1.15, 2019.1.27 Vulnerable source
Minion appliance All Vulnerable source
PoweredBy OpenNMS All Vulnerable source