U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVSS v3.1 Statistics for The OpenNMS Group as of 03/30/2023

6
48
 
6
26
Reference
0-69.9%
Reference
54.2
Contributor
70-94.9%
 
Provider
95-100%
CVE CNA Value Alignment NIST Value Reason
CVE-2023-0815   (6 of 8) Attack Vector (AV) Adjacent Network Attack Vector (AV) Network Applied AV:N due to lack of available Information for NVD Analyst
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) None User Interaction (UI) None
Scope (S) Changed Scope (S) Unchanged Unclear if Scope change occurs. No identification of security boundaries being crossed.
Confidentiality (C) High Confidentiality (C) High
Integrity (I) None Integrity (I) None
Availability (A) None Availability (A) None
CVE-2023-0846   (3 of 8) Attack Vector (AV) Adjacent Network Attack Vector (AV) Network Applied AV:N due to lack of available Information for NVD Analyst
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) None No privileges needed by attacker identified by NVD analyst
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Changed Security boundary cross identified
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) High Integrity (I) Low Integrity impact appears non-critical
Availability (A) None Availability (A) None
CVE-2023-0867   (3 of 8) Attack Vector (AV) Adjacent Network Attack Vector (AV) Network Applied AV:N due to network vector identified
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) None No privileges needed by attacker identified by NVD analyst
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Changed Security boundary cross identified
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) High Integrity (I) Low Integrity impact appears non-critical
Availability (A) None Availability (A) None
CVE-2023-0868   (3 of 8) Attack Vector (AV) Adjacent Network Attack Vector (AV) Network Applied AV:N due to network vector identified
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) None No privileges needed by attacker identified by NVD analyst
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Changed Security boundary cross identified
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) High Integrity (I) Low Integrity impact appears non-critical
Availability (A) None Availability (A) None
CVE-2023-0869   (4 of 8) Attack Vector (AV) Adjacent Network Attack Vector (AV) Network Applied AV:N due to network vector identified
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) None No privileges needed by attacker identified by NVD analyst
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Changed Unclear if Scope change occurs. No identification of security boundaries being crossed.
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) Low Integrity (I) Low
Availability (A) None Availability (A) None
CVE-2023-0870   (7 of 8) Attack Vector (AV) Adjacent Network Attack Vector (AV) Adjacent Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Changed Scope (S) Unchanged Unclear if Scope change occurs. No identification of security boundaries being crossed.
Confidentiality (C) High Confidentiality (C) High
Integrity (I) High Integrity (I) High
Availability (A) None Availability (A) None