Vulnerability Details CVE-2011-0271
The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.266
EPSS Ranking 96.0%
CVSS Severity
CVSS v2 Score 10.0
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=887
- http://www.securityfocus.com/archive/1/515628
- http://www.securityfocus.com/archive/1/515628
- http://www.securityfocus.com/bid/45762
- http://www.securitytracker.com/id?1024951
- http://www.vupen.com/english/advisories/2011/0085
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64657
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=887
- http://www.securityfocus.com/archive/1/515628
- http://www.securityfocus.com/archive/1/515628
- http://www.securityfocus.com/bid/45762
- http://www.securitytracker.com/id?1024951
- http://www.vupen.com/english/advisories/2011/0085
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64657
Products affected by CVE-2011-0271
-
cpe:2.3:a:hp:openview_network_node_manager:7.51
-
cpe:2.3:a:hp:openview_network_node_manager:7.53