CVE-2008-4560

high

HPE

CVSS v3 Base Score

7.8

AV:N/AC:L/Au:N/C:C/I:N/A:N

EPSS Score

0.4%

Exploitation probability in 30 days

Top 38% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

None

Availability

None

Published: February 8, 2009 (6303 days ago)

Last Modified: April 23, 2026

Vendor: HPE

Source: NVD

Description

HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205.

CWE

CWE-200

Affected Products

hp openview network node manager

References

🔗 h20000.www2.hp.com 🔗 labs.idefense.com 🔗 h20000.www2.hp.com 🔗 labs.idefense.com

CVE-2008-4560

Vulnerability Report

Description

CWE

Affected Products

References