CVE-2010-1550Use of Externally-Controlled Format String in HP Openview Network Node Manager

CWE-134Use of Externally-Controlled Format String3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
7.2%
top 8.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
HP Openview Network Node Manager
Timeline
PublishedMay 13
Latest updateMay 14

Description

Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in the sel parameter.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDhp/openview_network_node_manager7.0.1, 7.51, 7.53+2

🔴Vulnerability Details

2
GHSA
GHSA-c2xv-cj4r-rwv7: Format string vulnerability in ovet_demandpoll2022-05-14
CVEList
CVE-2010-1550: Format string vulnerability in ovet_demandpoll2010-05-13
CVE-2010-1550 — HP vulnerability | cvebase