CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2005-2773

CVSS 9.8v3.1pub. 2005-09-02upd. 2026-04-16

HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • HP Openview Network Node Manager

    APP
    Hp
    6.2 – 7.50

CISA KEV — detailsi

Vendori
Hewlett Packard (HP)
Producti
OpenView Network Node Manager
Added to KEVi
March 25, 2022
Remediation deadline (US Federal)i
April 15, 2022(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 15 kwietnia 2022
CWE
References

Related vulnerabilities

CVE-2011-3167HIGH10.0ten sam produkt

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers t...

CVE-2011-3166HIGH10.0ten sam produkt

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers t...

CVE-2011-3165HIGH10.0ten sam produkt

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers t...

CVE-2011-0262HIGH10.0ten sam produkt

Buffer overflow in the stringToSeconds function in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node ...

CVE-2011-0263HIGH10.0ten sam produkt

Multiple stack-based buffer overflows in ovas.exe in the OVAS service in HP OpenView Network Node Manager (OV ...