[CVE-2005-2773] HP OpenView Network Node Manager Remote Code Execution Vulnerability

CISA KEV 정보

취약점명	HP OpenView Network Node Manager Remote Code Execution Vulnerability
설명	HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.
조치사항	Apply updates per vendor instructions.
랜섬웨어 캠페인 악용	Unknown
등록일 (KEV)	2022-03-25
조치 기한	2022-04-15
추가 참고	https://nvd.nist.gov/vuln/detail/CVE-2005-2773

NVD 상세 정보

CVSS v3.1: 9.8 CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

설명: HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.

CWE: CWE-77

참조

http://marc.info/?l=bugtraq&m=112499121725662&w=2 [Exploit, Issue Tracking, Mailing List]
http://secunia.com/advisories/16555/ [Not Applicable]
http://www.securityfocus.com/advisories/9150 [Broken Link]
http://www.securityfocus.com/bid/14662 [Broken Link]
https://exchange.xforce.ibmcloud.com/vulnerabilities/21999 [Third Party Advisory]
http://marc.info/?l=bugtraq&m=112499121725662&w=2 [Exploit, Issue Tracking, Mailing List]
http://secunia.com/advisories/16555/ [Not Applicable]
http://www.securityfocus.com/advisories/9150 [Broken Link]
http://www.securityfocus.com/bid/14662 [Broken Link]
https://exchange.xforce.ibmcloud.com/vulnerabilities/21999 [Third Party Advisory]
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2005-2773

This product uses the NVD API but is not endorsed or certified by the NVD.

바로 가기

[CVE-2005-2773] HP OpenView Network Node Manager Remote Code Execution Vulnerability

CISA KEV 정보

NVD 상세 정보

참조

IT 도구 서랍