CVE-2015-6857 - Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02,

CVE-2015-6857

Summary

Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.

References

Vulnerable Configurations

cpe:2.3:a:hp:loadrunner:11.52:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:11.52:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:12.00:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:12.00:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:12.01:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:12.01:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:12.02:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:12.02:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:12.50:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:12.50:*:*:*:*:*:*:*
cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*
cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*
cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*
cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*
cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*
cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*
cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*
cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*
cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*
cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 07-12-2016 - 18:22)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	77946
confirm	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374
misc	http://www.zerodayinitiative.com/advisories/ZDI-15-581
sectrack	1034259

Last major update

07-12-2016 - 18:22

Published

26-11-2015 - 03:59

Last modified

07-12-2016 - 18:22