HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205.
2009-02-08T21:30:04.733
2025-04-09T00:30:58.490
Deferred
CVSSv2: 7.8 (HIGH)
AV:N/AC:L/Au:N/C:C/I:N/A:N
10.0
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | hp | openview_network_node_manager | 7.0.1 | Yes |
| Application | hp | openview_network_node_manager | 7.0.1 | Yes |
| Application | hp | openview_network_node_manager | 7.0.1 | Yes |
| Application | hp | openview_network_node_manager | 7.0.1 | Yes |
| Application | hp | openview_network_node_manager | 7.51 | Yes |
| Application | hp | openview_network_node_manager | 7.51 | Yes |
| Application | hp | openview_network_node_manager | 7.51 | Yes |
| Application | hp | openview_network_node_manager | 7.51 | Yes |
| Application | hp | openview_network_node_manager | 7.53 | Yes |
| Application | hp | openview_network_node_manager | 7.53 | Yes |
| Application | hp | openview_network_node_manager | 7.53 | Yes |
| Application | hp | openview_network_node_manager | 7.53 | Yes |