Vulnerabilites related to hp - performance_center
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:35
Severity ?
Summary
A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securitytracker.com/id/1038867 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1038868 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038867 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038868 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | * | |
| hp | performance_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0458950F-9181-4A1A-8CEF-E41425A347AA",
"versionEndIncluding": "12.53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1D654F-0D62-46CB-BEBC-3BB68A097FF4",
"versionEndIncluding": "12.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) remoto en HPE LoadRunner en versiones v12.53 y anteriores y en HPE Performance Center en versiones v12.53 y anteriores."
}
],
"id": "CVE-2017-8953",
"lastModified": "2024-11-21T03:35:03.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:08.077",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038867"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038868"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 02:59
Severity ?
Summary
A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | - | |
| hp | performance_center | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:-:*:*:*:*:*:*:*",
"matchCriteriaId": "414E265C-F338-4791-A36B-7684838BDC60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019D99EA-89BE-478B-B9A1-ECEFD1C90623",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en todas las versiones de HPE LoadRunner and Performance Center."
}
],
"id": "CVE-2016-8512",
"lastModified": "2024-11-21T02:59:30.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:00.480",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-26 03:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | 11.52 | |
| hp | loadrunner | 12.00 | |
| hp | loadrunner | 12.01 | |
| hp | loadrunner | 12.02 | |
| hp | loadrunner | 12.50 | |
| hp | performance_center | 11.52 | |
| hp | performance_center | 12.00 | |
| hp | performance_center | 12.01 | |
| hp | performance_center | 12.20 | |
| hp | performance_center | 12.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:11.52:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B837F9-5DFF-4A70-B37C-884606588B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.00:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E94489-CB38-41D9-B32A-1D1604603FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.01:*:*:*:*:*:*:*",
"matchCriteriaId": "713F0521-EAF2-461D-988F-495D4118263F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.02:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0F7240-AF85-44DA-BDFC-2F252FBCB70E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.50:*:*:*:*:*:*:*",
"matchCriteriaId": "D1911106-CA9E-421F-94AB-27B33378129B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "4BACEBCB-93A4-4C8C-90DD-3D233BF9B128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "27EAC034-46D2-41A8-A3F5-7ABDCC7E9457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "B0DEA9F8-EF3D-4C7F-B6B9-F9A33341E9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7FCF452-A5B1-4CB5-BD02-785670A04E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "235AB949-A179-48FC-BFAA-7796578E430D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Virtual Table Server (VTS) en HP LoadRunner 11.52, 12.00, 12.01, 12.02 y 12.50 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos, tambi\u00e9n conocida como ZDI-CAN-3138."
}
],
"id": "CVE-2015-6857",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-26T03:59:02.053",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/77946"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1034259"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-08 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | 11.52 | |
| hp | loadrunner | 12.00 | |
| hp | loadrunner | 12.01 | |
| hp | loadrunner | 12.02 | |
| hp | loadrunner | 12.50 | |
| hp | performance_center | 11.52 | |
| hp | performance_center | 12.00 | |
| hp | performance_center | 12.01 | |
| hp | performance_center | 12.20 | |
| hp | performance_center | 12.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "EA41E4F9-3325-4665-A433-BDAA02621F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "58DEE82F-A703-4F0D-96D4-47E6DEC473BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "5B9BA232-B8DD-4EC9-991F-06E73774A156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.02:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7226CD8-1528-4C5B-825D-2569D025808C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "8FBCB098-3822-4C54-AA84-7C7E5751B929",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "4BACEBCB-93A4-4C8C-90DD-3D233BF9B128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "27EAC034-46D2-41A8-A3F5-7ABDCC7E9457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "B0DEA9F8-EF3D-4C7F-B6B9-F9A33341E9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7FCF452-A5B1-4CB5-BD02-785670A04E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "235AB949-A179-48FC-BFAA-7796578E430D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en pila en el agente mchan.dll en HPE LoadRunner 11.52 hasta el parche 3, 12.00 hasta el parche 1, 12.01 hasta el parche 3, 12.02 hasta el parche 2 y 12.50 hasta el parche 3 y Performance Center 11.52hasta el parche 3, 12.00 hasta el parche 1, 12.01 hasta el parche 3, 12.20 hasta el parche 2 y 12.50 hasta el parche 1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un valor long -server_name, tambi\u00e9n conocido como ZDI-CAN-3516."
}
],
"id": "CVE-2016-4359",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-08T14:59:37.797",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2016-16"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-21 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | * | |
| hp | performance_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:*:p2:*:*:*:*:*:*",
"matchCriteriaId": "C6C8B154-A7EA-48FA-BB0E-22858F9DA602",
"versionEndIncluding": "12.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:*:p2:*:*:*:*:*:*",
"matchCriteriaId": "A2A7FCC9-E09C-425D-90B2-024EB1D39BFC",
"versionEndIncluding": "12.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors."
},
{
"lang": "es",
"value": "HPE Performance Center en versiones anteriores a 12.50 y LoadRunner en versiones anteriores a 12.50 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-4384",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-21T02:59:11.210",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/93069"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036859"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036860"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-05-07 18:24
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | * | |
| hp | loadrunner | 7.0 | |
| hp | loadrunner | 7.02 | |
| hp | loadrunner | 7.5 | |
| hp | loadrunner | 7.6 | |
| hp | loadrunner | 7.8 | |
| hp | loadrunner | 7.51 | |
| hp | loadrunner | 8.0 | |
| hp | loadrunner | 8.12 | |
| hp | loadrunner | 8.13 | |
| hp | loadrunner | 8.14 | |
| hp | loadrunner | 9.0 | |
| hp | performance_center | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1608B33-23D9-4B30-A471-06F1849301AF",
"versionEndIncluding": "9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30344845-9DAE-4E51-8E27-6B650A4EE126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "B37BBFD8-81BE-4F9C-A0A5-0BEC7FA46A8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "476FC1E3-5BD5-4271-92FB-F017AD0CA5D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "09133BB4-E5EB-4084-BDA4-39732EC74DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD409D2-9A27-46C5-8368-D530A8155BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:7.51:*:*:*:*:*:*:*",
"matchCriteriaId": "B05A91C3-0B55-4DE3-B9FD-0CCE06545360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6792A07-8328-439E-BBF2-140B18A1D4E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "38BCA1BE-9D4C-4381-A2FC-36181A17787F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:8.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D59A2E8F-ED38-475E-9FAB-1B445C2ED141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:8.14:*:*:*:*:*:*:*",
"matchCriteriaId": "6B18ACBD-11AA-4020-8D2E-B8C07DFA3D89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8348EAB4-C5F8-49C6-8671-2F1002BBF4AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63F5A034-4D39-4683-966F-5A30884584F9",
"versionEndIncluding": "9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en el Agente en LoadRunner de HP anterior a versi\u00f3n 9.50 y Performance Center de HP anterior a versi\u00f3n 9.50, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de vectores desconocidos."
}
],
"id": "CVE-2010-1549",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-05-07T18:24:15.953",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://seclists.org/bugtraq/2010/May/69"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://seclists.org/bugtraq/2010/May/69"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/archive/1/511146/100/0/threaded"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/archive/1/511146/100/0/threaded"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://www.exploit-db.com/exploits/43411/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/bugtraq/2010/May/69"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/bugtraq/2010/May/69"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/511146/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/511146/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/43411/"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-21 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | performance_center | 11.52 | |
| hp | performance_center | 12.00 | |
| hp | performance_center | 12.01 | |
| hp | performance_center | 12.20 | |
| hp | performance_center | 12.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:11.52:*:*:*:*:*:*:*",
"matchCriteriaId": "0BAB1EE3-0C3A-4FDB-8472-7CEBE89C9CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C5ED8138-A787-4506-86EC-CFC04FFB75B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2625D73B-2954-4BD6-AD85-FF67637D60A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:*:*:*:*:*:*:*",
"matchCriteriaId": "37C4FF06-0718-4A93-B224-3698D541CF68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.50:*:*:*:*:*:*:*",
"matchCriteriaId": "673570B4-5771-4913-9427-745E076C55FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a \"remote user validation failure\" issue."
},
{
"lang": "es",
"value": "HPE Performance Center 11.52, 12.00, 12.01, 12.20 y 12.50 permite a atacantes remotos eludir las restricciones destinadas al acceso a trav\u00e9s de vectores no especificados, un problema relacionado con un \"fallo de validaci\u00f3n de usuario remoto\"."
}
],
"id": "CVE-2016-4382",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-21T02:59:10.040",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/92915"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036770"
},
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-11-03 18:29
Modified
2025-04-20 01:37
Severity ?
Summary
A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | performance_center | 12.20 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:*:*:*:*:*:*:*",
"matchCriteriaId": "37C4FF06-0718-4A93-B224-3698D541CF68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting."
},
{
"lang": "es",
"value": "Se ha identificado una potencial vulnerabilidad de seguridad en las versiones 12.20 de HPE Performance Center. La vulnerabilidad se podr\u00eda explotar de forma remota para permitir que se produzca Cross-Site Scripting (XSS)."
}
],
"id": "CVE-2017-14359",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-03T18:29:01.247",
"references": [
{
"source": "security@opentext.com",
"url": "http://www.securityfocus.com/bid/101659"
},
{
"source": "security@opentext.com",
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/101659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-11 21:29
Modified
2025-04-20 01:37
Severity ?
Summary
HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | * | |
| hp | performance_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0458950F-9181-4A1A-8CEF-E41425A347AA",
"versionEndIncluding": "12.53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1D654F-0D62-46CB-BEBC-3BB68A097FF4",
"versionEndIncluding": "12.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow."
},
{
"lang": "es",
"value": "HPE LoadRunner en versiones anteriores a la 12.53 parche 4 y HPE Performance Center en versiones anteriores a la 12.53 parche 4 permite que atacantes remotos ejecuten c\u00f3digo arbitrario mediante vectores no especificados. Al menos en LoadRunner, esto es un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) de libxdrutil.dll mxdr_string."
}
],
"id": "CVE-2017-5789",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-11T21:29:00.213",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101224"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96774"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038028"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2017-13"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-08 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | 11.52 | |
| hp | loadrunner | 12.00 | |
| hp | loadrunner | 12.01 | |
| hp | loadrunner | 12.02 | |
| hp | loadrunner | 12.50 | |
| hp | performance_center | 11.52 | |
| hp | performance_center | 12.00 | |
| hp | performance_center | 12.01 | |
| hp | performance_center | 12.20 | |
| hp | performance_center | 12.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "EA41E4F9-3325-4665-A433-BDAA02621F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "58DEE82F-A703-4F0D-96D4-47E6DEC473BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "5B9BA232-B8DD-4EC9-991F-06E73774A156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.02:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7226CD8-1528-4C5B-825D-2569D025808C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.50:p3:*:*:*:*:*:*",
"matchCriteriaId": "7772F623-E8AD-41A1-B5E2-F507FB7F413B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "4BACEBCB-93A4-4C8C-90DD-3D233BF9B128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "27EAC034-46D2-41A8-A3F5-7ABDCC7E9457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "B0DEA9F8-EF3D-4C7F-B6B9-F9A33341E9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7FCF452-A5B1-4CB5-BD02-785670A04E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "235AB949-A179-48FC-BFAA-7796578E430D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555."
},
{
"lang": "es",
"value": "web/admin/data.js en el componente Performance Center Virtual Table Server (VTS) en HPE LoadRunner 11.52 hasta el parche 3, 12.00 hasta el parche 1, 12.01 hasta el parche 3, 12.02 hasta el parche 2 y 12.50 hasta el parche 3 y Performance Center 11.52 hasta el parche 3, 12.00 hasta el parche 1, 12.01 hasta el parche 3, 12.20 hasta el parche 2 y 12.50 hasta el parche 1 no restringe rutas de archivo enviadas a un llamada desvinculada, lo que permite a atacantes remotos borrar archivos arbitrarios a trav\u00e9s del par\u00e1metro de ruta a data/import_csv, tambi\u00e9n conocido como ZDI-CAN-3555."
}
],
"id": "CVE-2016-4360",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-08T14:59:42.313",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2016-17"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-08 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | performance_center | 11.52 | |
| hp | performance_center | 12.00 | |
| hp | performance_center | 12.01 | |
| hp | performance_center | 12.20 | |
| hp | performance_center | 12.50 | |
| hp | loadrunner | 11.52 | |
| hp | loadrunner | 12.00 | |
| hp | loadrunner | 12.01 | |
| hp | loadrunner | 12.02 | |
| hp | loadrunner | 12.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "4BACEBCB-93A4-4C8C-90DD-3D233BF9B128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "27EAC034-46D2-41A8-A3F5-7ABDCC7E9457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "B0DEA9F8-EF3D-4C7F-B6B9-F9A33341E9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7FCF452-A5B1-4CB5-BD02-785670A04E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "235AB949-A179-48FC-BFAA-7796578E430D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "EA41E4F9-3325-4665-A433-BDAA02621F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "58DEE82F-A703-4F0D-96D4-47E6DEC473BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "5B9BA232-B8DD-4EC9-991F-06E73774A156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.02:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7226CD8-1528-4C5B-825D-2569D025808C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "8FBCB098-3822-4C54-AA84-7C7E5751B929",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors."
},
{
"lang": "es",
"value": "HPE LoadRunner 11.52 hasta la versi\u00f3n patch 3, 12.00 hasta la versi\u00f3n patch 1, 12.01 hasta la versi\u00f3n patch 3, 12.02 hasta la versi\u00f3n patch 2 y 12.50 hasta la versi\u00f3n patch 3 and Performance Center 11.52 hasta la versi\u00f3n patch 3, 12.00 hasta la versi\u00f3n patch 1, 12.01 hasta la versi\u00f3n patch 3, 12.20 hasta la versi\u00f3n patch 2 y 12.50 hasta la versi\u00f3n patch 1 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-4361",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-08T14:59:46.487",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-4359 (GCVE-0-2016-4359)
Vulnerability from cvelistv5
Published
2016-06-08 14:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/90975 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036006 | vdb-entry, x_refsource_SECTRACK | |
| https://www.tenable.com/security/research/tra-2016-16 | x_refsource_MISC | |
| http://www.zerodayinitiative.com/advisories/ZDI-16-363 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-02T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036006"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-16",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-363",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4359",
"datePublished": "2016-06-08T14:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-6857 (GCVE-0-2015-6857)
Vulnerability from cvelistv5
Published
2015-11-26 02:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-15-581 | x_refsource_MISC | |
| https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/77946 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1034259 | vdb-entry, x_refsource_SECTRACK | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:36:33.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"name": "77946",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77946"
},
{
"name": "1034259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034259"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"name": "77946",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77946"
},
{
"name": "1034259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034259"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6857",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-581",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"name": "77946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77946"
},
{
"name": "1034259",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034259"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-6857",
"datePublished": "2015-11-26T02:00:00",
"dateReserved": "2015-09-10T00:00:00",
"dateUpdated": "2024-08-06T07:36:33.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4360 (GCVE-0-2016-4360)
Vulnerability from cvelistv5
Published
2016-06-08 14:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/90975 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036006 | vdb-entry, x_refsource_SECTRACK | |
| https://www.tenable.com/security/research/tra-2016-17 | x_refsource_MISC | |
| http://www.zerodayinitiative.com/advisories/ZDI-16-364 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-02T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036006"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-17",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-364",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4360",
"datePublished": "2016-06-08T14:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1549 (GCVE-0-2010-1549)
Vulnerability from cvelistv5
Published
2010-05-07 17:43
Modified
2024-08-07 01:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/511146/100/0/threaded | vendor-advisory, x_refsource_HP | |
| http://www.securityfocus.com/archive/1/511146/100/0/threaded | vendor-advisory, x_refsource_HP | |
| http://seclists.org/bugtraq/2010/May/69 | vendor-advisory, x_refsource_HP | |
| http://seclists.org/bugtraq/2010/May/69 | vendor-advisory, x_refsource_HP | |
| https://www.exploit-db.com/exploits/43411/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:28:42.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT071328",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511146/100/0/threaded"
},
{
"name": "HPSBMA02201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511146/100/0/threaded"
},
{
"name": "HPSBMA02528",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2010/May/69"
},
{
"name": "SSRT100106",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2010/May/69"
},
{
"name": "43411",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43411/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT071328",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/511146/100/0/threaded"
},
{
"name": "HPSBMA02201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/511146/100/0/threaded"
},
{
"name": "HPSBMA02528",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://seclists.org/bugtraq/2010/May/69"
},
{
"name": "SSRT100106",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://seclists.org/bugtraq/2010/May/69"
},
{
"name": "43411",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43411/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-1549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT071328",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/511146/100/0/threaded"
},
{
"name": "HPSBMA02201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/511146/100/0/threaded"
},
{
"name": "HPSBMA02528",
"refsource": "HP",
"url": "http://seclists.org/bugtraq/2010/May/69"
},
{
"name": "SSRT100106",
"refsource": "HP",
"url": "http://seclists.org/bugtraq/2010/May/69"
},
{
"name": "43411",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43411/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2010-1549",
"datePublished": "2010-05-07T17:43:00",
"dateReserved": "2010-04-26T00:00:00",
"dateUpdated": "2024-08-07T01:28:42.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4361 (GCVE-0-2016-4361)
Vulnerability from cvelistv5
Published
2016-06-08 14:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/90975 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036006 | vdb-entry, x_refsource_SECTRACK | |
| https://www.tenable.com/security/research/tra-2016-26 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-22T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036006"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-26",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4361",
"datePublished": "2016-06-08T14:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5789 (GCVE-0-2017-5789)
Vulnerability from cvelistv5
Published
2017-10-13 02:00
Modified
2024-08-05 15:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/101224 | vdb-entry, x_refsource_BID | |
| https://www.tenable.com/security/research/tra-2017-13 | x_refsource_MISC | |
| http://www.zerodayinitiative.com/advisories/ZDI-17-160/ | x_refsource_MISC | |
| http://www.securitytracker.com/id/1038029 | vdb-entry, x_refsource_SECTRACK | |
| https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03712en_us | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/96774 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1038028 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE LoadRunner and Performance Center |
Version: HPE LoadRunner and Performance Center |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:48.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101224",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101224"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"name": "1038029",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"name": "96774",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96774"
},
{
"name": "1038028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE LoadRunner and Performance Center",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "HPE LoadRunner and Performance Center"
}
]
}
],
"datePublic": "2017-10-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "101224",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101224"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"name": "1038029",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"name": "96774",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96774"
},
{
"name": "1038028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2017-5789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE LoadRunner and Performance Center",
"version": {
"version_data": [
{
"version_value": "HPE LoadRunner and Performance Center"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101224",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101224"
},
{
"name": "https://www.tenable.com/security/research/tra-2017-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"name": "1038029",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038029"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"name": "96774",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96774"
},
{
"name": "1038028",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-5789",
"datePublished": "2017-10-13T02:00:00",
"dateReserved": "2017-02-01T00:00:00",
"dateUpdated": "2024-08-05T15:11:48.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8953 (GCVE-0-2017-8953)
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-16 22:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Cross-Site Scripting (XSS)
Summary
A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1038868 | vdb-entry, x_refsource_SECTRACK | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038867 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise | LoadRunner and Performance Center |
Version: v12.53 and earlier, v12.53 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:55:20.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038868",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038868"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"name": "1038867",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038867"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LoadRunner and Performance Center",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "v12.53 and earlier, v12.53 and earlier"
}
]
}
],
"datePublic": "2017-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Cross-Site Scripting (XSS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1038868",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038868"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"name": "1038867",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038867"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-07-12T00:00:00",
"ID": "CVE-2017-8953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LoadRunner and Performance Center",
"version": {
"version_data": [
{
"version_value": "v12.53 and earlier, v12.53 and earlier"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Cross-Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038868",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038868"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"name": "1038867",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038867"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-8953",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-05-15T00:00:00",
"dateUpdated": "2024-09-16T22:15:43.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8512 (GCVE-0-2016-8512)
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-16 20:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise | LoadRunner and Performance Center |
Version: All versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:40.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LoadRunner and Performance Center",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2016-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T21:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2016-12-13T00:00:00",
"ID": "CVE-2016-8512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LoadRunner and Performance Center",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-8512",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2016-10-07T00:00:00",
"dateUpdated": "2024-09-16T20:22:24.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14359 (GCVE-0-2017-14359)
Vulnerability from cvelistv5
Published
2017-11-03 18:00
Modified
2024-08-05 19:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Cross-Site Scripting
Summary
A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting.
References
| ▼ | URL | Tags |
|---|---|---|
| https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/101659 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | HPE Performance Center |
Version: 12.20 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:27:40.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"name": "101659",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101659"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Performance Center",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "12.20"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to thank Pawel Bartunek for reporting this issue to security-alert@hpe.com"
}
],
"datePublic": "2017-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:41",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"name": "101659",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101659"
}
],
"title": "MFSBGN03788 rev.1 - HPE Performance Center, Remote Cross-Site Scripting (XSS)",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2017-14359",
"STATE": "PUBLIC",
"TITLE": "MFSBGN03788 rev.1 - HPE Performance Center, Remote Cross-Site Scripting (XSS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Performance Center",
"version": {
"version_data": [
{
"version_value": "12.20"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
"Micro Focus would like to thank Pawel Bartunek for reporting this issue to security-alert@hpe.com"
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754",
"refsource": "CONFIRM",
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"name": "101659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101659"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-14359",
"datePublished": "2017-11-03T18:00:00",
"dateReserved": "2017-09-12T00:00:00",
"dateUpdated": "2024-08-05T19:27:40.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4382 (GCVE-0-2016-4382)
Vulnerability from cvelistv5
Published
2016-09-21 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036770 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/92915 | vdb-entry, x_refsource_BID | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036770",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036770"
},
{
"name": "92915",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92915"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a \"remote user validation failure\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1036770",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036770"
},
{
"name": "92915",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92915"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a \"remote user validation failure\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036770",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036770"
},
{
"name": "92915",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92915"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4382",
"datePublished": "2016-09-21T01:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4384 (GCVE-0-2016-4384)
Vulnerability from cvelistv5
Published
2016-09-21 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036859 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/93069 | vdb-entry, x_refsource_BID | |
| https://www.tenable.com/security/research/tra-2016-26 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1036860 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"name": "1036859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036859"
},
{
"name": "93069",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93069"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"name": "1036860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036860"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"name": "1036859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036859"
},
{
"name": "93069",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93069"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"name": "1036860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036860"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"name": "1036859",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036859"
},
{
"name": "93069",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93069"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-26",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"name": "1036860",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036860"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4384",
"datePublished": "2016-09-21T01:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}