CVE-2011-0271
Summary
| CVE | CVE-2011-0271 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2011-01-13 19:00:00 UTC |
| Updated | 2017-08-17 01:33:00 UTC |
| Description | The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability." |
Risk And Classification
Problem Types: CWE-78
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hp | Openview Network Node Manager | 7.51 | All | All | All |
| Application | Hp | Openview Network Node Manager | 7.53 | All | All | All |
| Application | Hp | Openview Network Node Manager | 7.51 | All | All | All |
| Application | Hp | Openview Network Node Manager | 7.53 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityFocus | HP | www.securityfocus.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities | BID | www.securityfocus.com | |
| 20110110 HP Network Node Manager Command Injection Vulnerability | IDEFENSE | labs.idefense.com | |
| SecurityTracker: HP OpenView Network Node Manager Multiple Bugs Let Remote Users Execute Arbitrary Code | SECTRACK | www.securitytracker.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.