OpenNMS Java Object Deserialization RCE
Severity: Critical
Nessus Plugin ID: 87311
Synopsis
The remote OpenNMS server is affected by a remote code execution vulnerability.
Description
The remote OpenNMS server is affected by a remote code execution vulnerability because it deserializes unauthenticated, untrusted Java objects and hands them to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this by sending a crafted RMI request to execute arbitrary code on the target host.
Solution
Ensure that all exposed ports used by the OpenNMS server, including the RMI registry port (rmi_registry, which listens on port 1099 in default configurations), are firewalled from any public networks.