{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-08-25T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20050825 Portcullis Security Advisory 05-014 HP Openview Remote Command", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=112499121725662&w=2"}, {"name": "hp-openview-node-manager-command-execution(21999)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999"}, {"name": "HPSBMA01224", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www.securityfocus.com/advisories/9150"}, {"name": "14662", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/14662"}, {"name": "16555", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/16555/"}, {"name": "SSRT051023", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www.securityfocus.com/advisories/9150"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2773", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20050825 Portcullis Security Advisory 05-014 HP Openview Remote Command", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=112499121725662&w=2"}, {"name": "hp-openview-node-manager-command-execution(21999)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999"}, {"name": "HPSBMA01224", "refsource": "HP", "url": "http://www.securityfocus.com/advisories/9150"}, {"name": "14662", "refsource": "BID", "url": "http://www.securityfocus.com/bid/14662"}, {"name": "16555", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/16555/"}, {"name": "SSRT051023", "refsource": "HP", "url": "http://www.securityfocus.com/advisories/9150"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:45:02.175Z"}, "title": "CVE Program Container", "references": [{"name": "20050825 Portcullis Security Advisory 05-014 HP Openview Remote Command", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=112499121725662&w=2"}, {"name": "hp-openview-node-manager-command-execution(21999)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999"}, {"name": "HPSBMA01224", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www.securityfocus.com/advisories/9150"}, {"name": "14662", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/14662"}, {"name": "16555", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/16555/"}, {"name": "SSRT051023", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www.securityfocus.com/advisories/9150"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2005-2773", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-07T14:28:10.470925Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-25", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2005-2773"}}}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2005-2773", "tags": ["government-resource"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "timeline": [{"time": "2022-03-25T00:00:00.000Z", "lang": "en", "value": "CVE-2005-2773 added to CISA KEV"}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-22T00:05:57.013Z"}}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-2773", "datePublished": "2005-09-02T04:00:00.000Z", "dateReserved": "2005-09-02T00:00:00.000Z", "dateUpdated": "2025-10-22T00:05:57.013Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://marc.info/?l=bugtraq&m=112499121725662&w=2", "name": "20050825 Portcullis Security Advisory 05-014 HP Openview Remote Command", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999", "name": "hp-openview-node-manager-command-execution(21999)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"]}, {"url": "http://www.securityfocus.com/advisories/9150", "name": "HPSBMA01224", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/14662", "name": "14662", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "http://secunia.com/advisories/16555/", "name": "16555", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://www.securityfocus.com/advisories/9150", "name": "SSRT051023", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:45:02.175Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2005-2773", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-07T14:28:10.470925Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-25", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2005-2773"}}}], "timeline": [{"lang": "en", "time": "2022-03-25T00:00:00.000Z", "value": "CVE-2005-2773 added to CISA KEV"}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2005-2773", "tags": ["government-resource"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T14:28:03.285Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-08-25T00:00:00.000Z", "references": [{"url": "http://marc.info/?l=bugtraq&m=112499121725662&w=2", "name": "20050825 Portcullis Security Advisory 05-014 HP Openview Remote Command", "tags": ["mailing-list", "x_refsource_BUGTRAQ"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999", "name": "hp-openview-node-manager-command-execution(21999)", "tags": ["vdb-entry", "x_refsource_XF"]}, {"url": "http://www.securityfocus.com/advisories/9150", "name": "HPSBMA01224", "tags": ["vendor-advisory", "x_refsource_HP"]}, {"url": "http://www.securityfocus.com/bid/14662", "name": "14662", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "http://secunia.com/advisories/16555/", "name": "16555", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://www.securityfocus.com/advisories/9150", "name": "SSRT051023", "tags": ["vendor-advisory", "x_refsource_HP"]}], "descriptions": [{"lang": "en", "value": "HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2017-07-10T14:57:01.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://marc.info/?l=bugtraq&m=112499121725662&w=2", "name": "20050825 Portcullis Security Advisory 05-014 HP Openview Remote Command", "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999", "name": "hp-openview-node-manager-command-execution(21999)", "refsource": "XF"}, {"url": "http://www.securityfocus.com/advisories/9150", "name": "HPSBMA01224", "refsource": "HP"}, {"url": "http://www.securityfocus.com/bid/14662", "name": "14662", "refsource": "BID"}, {"url": "http://secunia.com/advisories/16555/", "name": "16555", "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/advisories/9150", "name": "SSRT051023", "refsource": "HP"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-2773", "STATE": "PUBLIC", "ASSIGNER": "cve@mitre.org"}}}}, "cveMetadata": {"cveId": "CVE-2005-2773", "state": "PUBLISHED", "dateUpdated": "2025-10-22T00:05:57.013Z", "dateReserved": "2005-09-02T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2005-09-02T04:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-04-15", "cisaExploitAdd": "2022-03-25", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "HP OpenView Network Node Manager Remote Code Execution Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:openview_network_node_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "15973175-E70A-41C5-AFF2-4F22CB4520E0", "versionEndIncluding": "7.50", "versionStartIncluding": "6.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl."}], "id": "CVE-2005-2773", "lastModified": "2026-04-16T14:03:02.100", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2005-09-02T23:03:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Mailing List"], "url": "http://marc.info/?l=bugtraq&m=112499121725662&w=2"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/16555/"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.securityfocus.com/advisories/9150"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.securityfocus.com/bid/14662"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Mailing List"], "url": "http://marc.info/?l=bugtraq&m=112499121725662&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/16555/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.securityfocus.com/advisories/9150"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.securityfocus.com/bid/14662"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["US Government Resource"], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2005-2773"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}