CVE-2011-0270

CWE-134 — Uncontrolled Format String3 documents3 sources

Severity

10.0CRITICAL

EPSS

31.5%

top 3.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Openview Network Node Manager

Timeline

PublishedJan 13

Latest updateMay 17

Description

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/openview_network_node_manager7.51, 7.53+1

🔴Vulnerability Details

GHSA

GHSA-c67j-99px-gg68: Format string vulnerability in nnmRptConfig↗2022-05-17

▶

CVEList

CVE-2011-0270: Format string vulnerability in nnmRptConfig↗2011-01-13

▶