7.8
CVE-2008-4560
- EPSS 0.43%
- Published 08.02.2009 21:30:04
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205.
Data is provided by the National Vulnerability Database (NVD)
Hp ≫ Openview Network Node Manager Version7.0.1 Editionhp_ux
Hp ≫ Openview Network Node Manager Version7.0.1 Editionlinux
Hp ≫ Openview Network Node Manager Version7.0.1 Editionsolaris
Hp ≫ Openview Network Node Manager Version7.0.1 Editionwindows
Hp ≫ Openview Network Node Manager Version7.51 Update- Editionhp-ux
Hp ≫ Openview Network Node Manager Version7.51 Update- Editionlinux
Hp ≫ Openview Network Node Manager Version7.51 Update- Editionsolaris
Hp ≫ Openview Network Node Manager Version7.51 Update- Editionwindows
Hp ≫ Openview Network Node Manager Version7.53 Update- Editionhp-ux
Hp ≫ Openview Network Node Manager Version7.53 Update- Editionlinux
Hp ≫ Openview Network Node Manager Version7.53 Update- Editionsolaris
Hp ≫ Openview Network Node Manager Version7.53 Update- Editionwindows
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.43% | 0.593 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:C/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.