PT-2011-4285 · Hewlett Packard · Hp Openview Network Node Manager

Published

2011-11-02

Updated

2012-02-15

CVE-2011-3165

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HP OpenView Network Node Manager versions 7.51 through 7.53

Description The issue allows remote attackers to execute arbitrary code. The vulnerability is related to the nnmRptConfig.exe and nameParams components.

Recommendations For versions 7.51 and 7.53, consider restricting access to the nnmRptConfig.exe until a patch is available. As a temporary workaround, avoid using the nameParams component in the affected nnmRptConfig.exe until the issue is resolved.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2011-3165

ZDI-11-348

Affected Products

Hp Openview Network Node Manager

PT-2011-4285 · Hewlett Packard · Hp Openview Network Node Manager

CVE-2011-3165

Related Identifiers

Affected Products

References · 5