Hewlett Packard confirmed Wednesday Securina’s disclosure that vulnerabilities exist within every version of HP OpenView Network Node Manager prior to 7.51. With the wide deployment of OpenView and controlled assets typically at critical infrastructure points, this constitutes a high profile risk for most corporations. If you need a way into the heart of a corporations back office, finding one of these services would definitely suffice. Typically, once you’re past the outside perimeter and using the typically out of band networks, the resources are more accessible and the privacy breach notifications are more numerous.
Openview’s version 7.53 is available through HP’s site. Older users may have to upgrade for protections or restrict/disable access to the web controls.
