HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities Network Vulnerability

Summary

HP OpenView Network Node Manager (NNM) is prone to multiple remote code-execution vulnerabilities because it fails to sanitize user- supplied data. An attacker can exploit these issues to execute arbitrary code with the privileges of the user running the affected application. Successful exploits will compromise the affected application and possibly the underlying computer. These issues affects NNM 7.51, v7.53 running on HP-UX, Linux, Solaris, and Windows other versions and platforms may also be affected.

Solution

Updates are available please contact the vendor for more information.

References

http://www.openview.hp.com/products/nnm/
http://www.securityfocus.com/archive/1/520349
http://www.securityfocus.com/bid/50471

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3166, CVE-2011-3167
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

AV Arcade 'ava_code' Cookie Parameter SQL Injection Vulnerability
ATutor < 1.5.1-pl1 Multiple Flaws
A Really Simple Chat Multiple SQL Injection Vulnerabilities
ArticleFR CMS 'id' Parameter SQL Injection Vulnerability
AjaXplorer zoho plugin Directory Traversal Vulnerability

Take action and discover your vulnerabilities