[NMS-12612] Open Redirect security issues - The OpenNMS Issue Tracker

XML

Word

Printable

Details

Type: Sub-task
Status: Resolved (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 26.0.0
Component/s: None
Security Level: Default (Default Security Scheme)
Labels:
None

Sprint:
Horizon 2020 - March 18th, Horizon 2020 - April 1st

Description

[RIPS] found 3 Open Redirect issues in the following files of OpenNMS 25.1.2:

AcknowledgeAlarmController
https://github.com/OpenNMS/opennms/blob/master/opennms-webapp/src/main/java/org/opennms/web/controller/alarm/AcknowledgeAlarmController.java
AcknowledgeNotificationController
https://github.com/OpenNMS/opennms/blob/master/opennms-webapp/src/main/java/org/opennms/web/controller/notification/AcknowledgeNotificationController.java
AcknowledgeAlarmByFilterController
https://github.com/OpenNMS/opennms/blob/master/opennms-webapp/src/main/java/org/opennms/web/controller/alarm/AcknowledgeAlarmByFilterController.java

The first issue can be exploited via the GET parameter `redirect` by accessing the following URL:
`http://192.168.56.102:8980/opennms/alarm/acknowledge?redirect=http://google.com&actionCode=unack&alarm=1`

The second issue can be exploited via the GET parameter `redirect` by accessing the following URL:
`192.168.56.102:8980/opennms/notification/acknowledge?redirect=http://google.com&notices=1`

The third issue can be exploited via the GET parameter `redirect` by accessing the following URL:
`http://192.168.56.102:8980/opennms/alarm/acknowledgeByFilter?redirect=http://google.com&actionCode=unack`

For more information about fixing an OpenRedirect see:

https://owasp.org/www-project-cheat-sheets/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html

Attachments

Activity

People

Assignee:: Patrick Schweizer

Reporter:: Patrick Schweizer

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Mar/20 11:31 PM

Updated:: 01/Apr/20 2:04 PM

Resolved:: 24/Mar/20 8:22 PM