OpenNMS + SpringShell CVE-2022-22965

Originally published at: OpenNMS + SpringShell CVE-2022-22965 – The OpenNMS Group, Inc.

OpenNMS and the Spring Core Remote Code Execution Vulnerability (SpringShell) CVE-2022-22965 A serious remote code execution (RCE) vulnerability exists in some versions of the Spring Framework, which is used by OpenNMS Meridian and Horizon. OpenNMS Meridian and Horizon are not known to be vulnerable because the published exploit for this RCE requires: All Attributes Required…