Almost all of the OpenNMS products like Horizon, Meridian (including derived Minions and Sentinels), Minion appliance and PoweredBy OpenNMS have been affected by Log4j Vulnerability. Workarounds given earlier for these products have been withdrawn as the NMS team has asked the customers to upgrade to the latest versions of Horizon and Median (29.0.3). For OpenNMS the user has to upgrade to log4j manually in their code as per the Advisory
| OpenNMS | Versions | Status | Source |
|---|---|---|---|
| Horizon (including derived Sentinels) | <= 29.0.3 | Vulnerable | source |
| Meridian (including derived Minions and Sentinels) | < 2021.1.8, 2020.1.15, 2019.1.27 | Vulnerable | source |
| Minion appliance | All | Vulnerable | source |
| PoweredBy OpenNMS | All | Vulnerable | source |