{"api_version":"1","generated_at":"2026-04-24T23:12:21+00:00","cve":"CVE-2011-0271","urls":{"html":"https://cve.report/CVE-2011-0271","api":"https://cve.report/api/cve/CVE-2011-0271.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2011-0271","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2011-0271"},"summary":{"title":"CVE-2011-0271","description":"The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a \"command injection vulnerability.\"","state":"PUBLIC","assigner":"hp-security-alert@hp.com","published_at":"2011-01-13 19:00:00","updated_at":"2017-08-17 01:33:00"},"problem_types":["CWE-78"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/archive/1/515628","name":"SSRT100352","refsource":"HP","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2011/0085","name":"ADV-2011-0085","refsource":"VUPEN","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/45762","name":"45762","refsource":"BID","tags":[],"title":"HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=887","name":"20110110 HP Network Node Manager Command Injection Vulnerability","refsource":"IDEFENSE","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://www.securitytracker.com/id?1024951","name":"1024951","refsource":"SECTRACK","tags":[],"title":"SecurityTracker: HP OpenView Network Node Manager Multiple Bugs Let Remote Users Execute Arbitrary Code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64657","name":"hp-opennnm-cgi-command-exec(64657)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2011-0271","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0271","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2011","cve_id":"271","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"openview_network_node_manager","cpe6":"7.51","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"271","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"openview_network_node_manager","cpe6":"7.53","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"271","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"openview_network_node_manager","cpe6":"7.51","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"271","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"openview_network_node_manager","cpe6":"7.53","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"hp-security-alert@hp.com","ID":"CVE-2011-0271","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a \"command injection vulnerability.\""}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"HPSBMA02621","refsource":"HP","url":"http://www.securityfocus.com/archive/1/515628"},{"name":"ADV-2011-0085","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2011/0085"},{"name":"SSRT100352","refsource":"HP","url":"http://www.securityfocus.com/archive/1/515628"},{"name":"hp-opennnm-cgi-command-exec(64657)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64657"},{"name":"20110110 HP Network Node Manager Command Injection Vulnerability","refsource":"IDEFENSE","url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=887"},{"name":"45762","refsource":"BID","url":"http://www.securityfocus.com/bid/45762"},{"name":"1024951","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1024951"}]}},"nvd":{"publishedDate":"2011-01-13 19:00:00","lastModifiedDate":"2017-08-17 01:33:00","problem_types":["CWE-78"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":10},"severity":"HIGH","exploitabilityScore":10,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:hp:openview_network_node_manager:7.53:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2011","CveId":"271","Ordinal":"47200","Title":"CVE-2011-0271","CVE":"CVE-2011-0271","Year":"2011"},"notes":[{"CveYear":"2011","CveId":"271","Ordinal":"1","NoteData":"The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a \"command injection vulnerability.\"","Type":"Description","Title":null},{"CveYear":"2011","CveId":"271","Ordinal":"2","NoteData":"2011-01-13","Type":"Other","Title":"Published"},{"CveYear":"2011","CveId":"271","Ordinal":"3","NoteData":"2017-08-16","Type":"Other","Title":"Modified"}]}}}