Vulnerability Name: | CVE-2011-0271 (CCN-64657) | ||||||||
Assigned: | 2010-12-23 | ||||||||
Published: | 2011-01-10 | ||||||||
Updated: | 2017-08-17 | ||||||||
Summary: | The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability." | ||||||||
CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-78 | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2011-0271 Source: CCN Type: HP Security Bulletin HPSBMA02621 SSRT100352 rev.2 HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code Source: IDEFENSE Type: UNKNOWN 20110110 HP Network Node Manager Command Injection Vulnerability Source: CCN Type: SECTRACK ID: 1024951 HP OpenView Network Node Manager Multiple Bugs Let Remote Users Execute Arbitrary Code Source: CCN Type: OSVDB ID: 70475 HP OpenView Network Node Manager (OV NNM) CGI Scripts Command Injection Arbitrary Code Execution Source: HP Type: UNKNOWN SSRT100352 Source: BID Type: UNKNOWN 45762 Source: CCN Type: BID-45762 HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities Source: SECTRACK Type: UNKNOWN 1024951 Source: VUPEN Type: UNKNOWN ADV-2011-0085 Source: XF Type: UNKNOWN hp-opennnm-cgi-command-exec(64657) Source: XF Type: UNKNOWN hp-opennnm-cgi-command-exec(64657) Source: CCN Type: iDefense Public Advisory: 01.10.11 HP Network Node Manager Command Injection Vulnerability | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |