CVE-2011-0271

CWE-78 — OS Command Injection3 documents3 sources

Severity

10.0CRITICAL

EPSS

15.5%

top 5.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Openview Network Node Manager

Timeline

PublishedJan 13

Latest updateMay 17

Description

The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/openview_network_node_manager7.51, 7.53+1

🔴Vulnerability Details

GHSA

GHSA-gmwh-w874-fr82: The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7↗2022-05-17

▶

CVEList

CVE-2011-0271: The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7↗2011-01-13

▶