CVE-2011-0271

The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability."

Published: Jan 13, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-0271
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
hp / openview_network_node_manager	7.51	7.51.x
hp / openview_network_node_manager	7.53	7.53.x

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=887
http://www.securityfocus.com/archive/1/515628
http://www.securityfocus.com/bid/45762
http://www.securitytracker.com/id?1024951
http://www.vupen.com/english/advisories/2011/0085
https://exchange.xforce.ibmcloud.com/vulnerabilities/64657

Vulnerability Database

289,782

CVE-2011-0271