Search criteria
33 vulnerabilities found for performance_center by hp
FKIE_CVE-2017-8953
Vulnerability from fkie_nvd - Published: 2018-02-15 22:29 - Updated: 2024-11-21 03:35
Severity ?
Summary
A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.
References
| URL | Tags | ||
|---|---|---|---|
| security-alert@hpe.com | http://www.securitytracker.com/id/1038867 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1038868 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038867 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038868 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | * | |
| hp | performance_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0458950F-9181-4A1A-8CEF-E41425A347AA",
"versionEndIncluding": "12.53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1D654F-0D62-46CB-BEBC-3BB68A097FF4",
"versionEndIncluding": "12.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) remoto en HPE LoadRunner en versiones v12.53 y anteriores y en HPE Performance Center en versiones v12.53 y anteriores."
}
],
"id": "CVE-2017-8953",
"lastModified": "2024-11-21T03:35:03.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:08.077",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038867"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038868"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8512
Vulnerability from fkie_nvd - Published: 2018-02-15 22:29 - Updated: 2024-11-21 02:59
Severity ?
Summary
A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | - | |
| hp | performance_center | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:-:*:*:*:*:*:*:*",
"matchCriteriaId": "414E265C-F338-4791-A36B-7684838BDC60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019D99EA-89BE-478B-B9A1-ECEFD1C90623",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en todas las versiones de HPE LoadRunner and Performance Center."
}
],
"id": "CVE-2016-8512",
"lastModified": "2024-11-21T02:59:30.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:00.480",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-14359
Vulnerability from fkie_nvd - Published: 2017-11-03 18:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | performance_center | 12.20 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:*:*:*:*:*:*:*",
"matchCriteriaId": "37C4FF06-0718-4A93-B224-3698D541CF68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting."
},
{
"lang": "es",
"value": "Se ha identificado una potencial vulnerabilidad de seguridad en las versiones 12.20 de HPE Performance Center. La vulnerabilidad se podr\u00eda explotar de forma remota para permitir que se produzca Cross-Site Scripting (XSS)."
}
],
"id": "CVE-2017-14359",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-03T18:29:01.247",
"references": [
{
"source": "security@opentext.com",
"url": "http://www.securityfocus.com/bid/101659"
},
{
"source": "security@opentext.com",
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/101659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-5789
Vulnerability from fkie_nvd - Published: 2017-10-11 21:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | * | |
| hp | performance_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0458950F-9181-4A1A-8CEF-E41425A347AA",
"versionEndIncluding": "12.53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1D654F-0D62-46CB-BEBC-3BB68A097FF4",
"versionEndIncluding": "12.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow."
},
{
"lang": "es",
"value": "HPE LoadRunner en versiones anteriores a la 12.53 parche 4 y HPE Performance Center en versiones anteriores a la 12.53 parche 4 permite que atacantes remotos ejecuten c\u00f3digo arbitrario mediante vectores no especificados. Al menos en LoadRunner, esto es un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) de libxdrutil.dll mxdr_string."
}
],
"id": "CVE-2017-5789",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-11T21:29:00.213",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101224"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96774"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038028"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2017-13"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-4384
Vulnerability from fkie_nvd - Published: 2016-09-21 02:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | * | |
| hp | performance_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:*:p2:*:*:*:*:*:*",
"matchCriteriaId": "C6C8B154-A7EA-48FA-BB0E-22858F9DA602",
"versionEndIncluding": "12.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:*:p2:*:*:*:*:*:*",
"matchCriteriaId": "A2A7FCC9-E09C-425D-90B2-024EB1D39BFC",
"versionEndIncluding": "12.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors."
},
{
"lang": "es",
"value": "HPE Performance Center en versiones anteriores a 12.50 y LoadRunner en versiones anteriores a 12.50 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-4384",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-21T02:59:11.210",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/93069"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036859"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036860"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-4382
Vulnerability from fkie_nvd - Published: 2016-09-21 02:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | performance_center | 11.52 | |
| hp | performance_center | 12.00 | |
| hp | performance_center | 12.01 | |
| hp | performance_center | 12.20 | |
| hp | performance_center | 12.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:11.52:*:*:*:*:*:*:*",
"matchCriteriaId": "0BAB1EE3-0C3A-4FDB-8472-7CEBE89C9CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C5ED8138-A787-4506-86EC-CFC04FFB75B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2625D73B-2954-4BD6-AD85-FF67637D60A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:*:*:*:*:*:*:*",
"matchCriteriaId": "37C4FF06-0718-4A93-B224-3698D541CF68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.50:*:*:*:*:*:*:*",
"matchCriteriaId": "673570B4-5771-4913-9427-745E076C55FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a \"remote user validation failure\" issue."
},
{
"lang": "es",
"value": "HPE Performance Center 11.52, 12.00, 12.01, 12.20 y 12.50 permite a atacantes remotos eludir las restricciones destinadas al acceso a trav\u00e9s de vectores no especificados, un problema relacionado con un \"fallo de validaci\u00f3n de usuario remoto\"."
}
],
"id": "CVE-2016-4382",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-21T02:59:10.040",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/92915"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036770"
},
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-4361
Vulnerability from fkie_nvd - Published: 2016-06-08 14:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | performance_center | 11.52 | |
| hp | performance_center | 12.00 | |
| hp | performance_center | 12.01 | |
| hp | performance_center | 12.20 | |
| hp | performance_center | 12.50 | |
| hp | loadrunner | 11.52 | |
| hp | loadrunner | 12.00 | |
| hp | loadrunner | 12.01 | |
| hp | loadrunner | 12.02 | |
| hp | loadrunner | 12.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "4BACEBCB-93A4-4C8C-90DD-3D233BF9B128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "27EAC034-46D2-41A8-A3F5-7ABDCC7E9457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "B0DEA9F8-EF3D-4C7F-B6B9-F9A33341E9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7FCF452-A5B1-4CB5-BD02-785670A04E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "235AB949-A179-48FC-BFAA-7796578E430D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "EA41E4F9-3325-4665-A433-BDAA02621F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "58DEE82F-A703-4F0D-96D4-47E6DEC473BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "5B9BA232-B8DD-4EC9-991F-06E73774A156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.02:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7226CD8-1528-4C5B-825D-2569D025808C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "8FBCB098-3822-4C54-AA84-7C7E5751B929",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors."
},
{
"lang": "es",
"value": "HPE LoadRunner 11.52 hasta la versi\u00f3n patch 3, 12.00 hasta la versi\u00f3n patch 1, 12.01 hasta la versi\u00f3n patch 3, 12.02 hasta la versi\u00f3n patch 2 y 12.50 hasta la versi\u00f3n patch 3 and Performance Center 11.52 hasta la versi\u00f3n patch 3, 12.00 hasta la versi\u00f3n patch 1, 12.01 hasta la versi\u00f3n patch 3, 12.20 hasta la versi\u00f3n patch 2 y 12.50 hasta la versi\u00f3n patch 1 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-4361",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-08T14:59:46.487",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-4360
Vulnerability from fkie_nvd - Published: 2016-06-08 14:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | 11.52 | |
| hp | loadrunner | 12.00 | |
| hp | loadrunner | 12.01 | |
| hp | loadrunner | 12.02 | |
| hp | loadrunner | 12.50 | |
| hp | performance_center | 11.52 | |
| hp | performance_center | 12.00 | |
| hp | performance_center | 12.01 | |
| hp | performance_center | 12.20 | |
| hp | performance_center | 12.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "EA41E4F9-3325-4665-A433-BDAA02621F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "58DEE82F-A703-4F0D-96D4-47E6DEC473BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "5B9BA232-B8DD-4EC9-991F-06E73774A156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.02:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7226CD8-1528-4C5B-825D-2569D025808C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.50:p3:*:*:*:*:*:*",
"matchCriteriaId": "7772F623-E8AD-41A1-B5E2-F507FB7F413B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "4BACEBCB-93A4-4C8C-90DD-3D233BF9B128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "27EAC034-46D2-41A8-A3F5-7ABDCC7E9457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "B0DEA9F8-EF3D-4C7F-B6B9-F9A33341E9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7FCF452-A5B1-4CB5-BD02-785670A04E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "235AB949-A179-48FC-BFAA-7796578E430D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555."
},
{
"lang": "es",
"value": "web/admin/data.js en el componente Performance Center Virtual Table Server (VTS) en HPE LoadRunner 11.52 hasta el parche 3, 12.00 hasta el parche 1, 12.01 hasta el parche 3, 12.02 hasta el parche 2 y 12.50 hasta el parche 3 y Performance Center 11.52 hasta el parche 3, 12.00 hasta el parche 1, 12.01 hasta el parche 3, 12.20 hasta el parche 2 y 12.50 hasta el parche 1 no restringe rutas de archivo enviadas a un llamada desvinculada, lo que permite a atacantes remotos borrar archivos arbitrarios a trav\u00e9s del par\u00e1metro de ruta a data/import_csv, tambi\u00e9n conocido como ZDI-CAN-3555."
}
],
"id": "CVE-2016-4360",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-08T14:59:42.313",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2016-17"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-4359
Vulnerability from fkie_nvd - Published: 2016-06-08 14:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | 11.52 | |
| hp | loadrunner | 12.00 | |
| hp | loadrunner | 12.01 | |
| hp | loadrunner | 12.02 | |
| hp | loadrunner | 12.50 | |
| hp | performance_center | 11.52 | |
| hp | performance_center | 12.00 | |
| hp | performance_center | 12.01 | |
| hp | performance_center | 12.20 | |
| hp | performance_center | 12.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "EA41E4F9-3325-4665-A433-BDAA02621F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "58DEE82F-A703-4F0D-96D4-47E6DEC473BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "5B9BA232-B8DD-4EC9-991F-06E73774A156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.02:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7226CD8-1528-4C5B-825D-2569D025808C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "8FBCB098-3822-4C54-AA84-7C7E5751B929",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "4BACEBCB-93A4-4C8C-90DD-3D233BF9B128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "27EAC034-46D2-41A8-A3F5-7ABDCC7E9457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "B0DEA9F8-EF3D-4C7F-B6B9-F9A33341E9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7FCF452-A5B1-4CB5-BD02-785670A04E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "235AB949-A179-48FC-BFAA-7796578E430D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en pila en el agente mchan.dll en HPE LoadRunner 11.52 hasta el parche 3, 12.00 hasta el parche 1, 12.01 hasta el parche 3, 12.02 hasta el parche 2 y 12.50 hasta el parche 3 y Performance Center 11.52hasta el parche 3, 12.00 hasta el parche 1, 12.01 hasta el parche 3, 12.20 hasta el parche 2 y 12.50 hasta el parche 1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un valor long -server_name, tambi\u00e9n conocido como ZDI-CAN-3516."
}
],
"id": "CVE-2016-4359",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-08T14:59:37.797",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2016-16"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-6857
Vulnerability from fkie_nvd - Published: 2015-11-26 03:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | loadrunner | 11.52 | |
| hp | loadrunner | 12.00 | |
| hp | loadrunner | 12.01 | |
| hp | loadrunner | 12.02 | |
| hp | loadrunner | 12.50 | |
| hp | performance_center | 11.52 | |
| hp | performance_center | 12.00 | |
| hp | performance_center | 12.01 | |
| hp | performance_center | 12.20 | |
| hp | performance_center | 12.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:loadrunner:11.52:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B837F9-5DFF-4A70-B37C-884606588B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.00:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E94489-CB38-41D9-B32A-1D1604603FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.01:*:*:*:*:*:*:*",
"matchCriteriaId": "713F0521-EAF2-461D-988F-495D4118263F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.02:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0F7240-AF85-44DA-BDFC-2F252FBCB70E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:loadrunner:12.50:*:*:*:*:*:*:*",
"matchCriteriaId": "D1911106-CA9E-421F-94AB-27B33378129B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*",
"matchCriteriaId": "4BACEBCB-93A4-4C8C-90DD-3D233BF9B128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*",
"matchCriteriaId": "27EAC034-46D2-41A8-A3F5-7ABDCC7E9457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*",
"matchCriteriaId": "B0DEA9F8-EF3D-4C7F-B6B9-F9A33341E9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*",
"matchCriteriaId": "F7FCF452-A5B1-4CB5-BD02-785670A04E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*",
"matchCriteriaId": "235AB949-A179-48FC-BFAA-7796578E430D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Virtual Table Server (VTS) en HP LoadRunner 11.52, 12.00, 12.01, 12.02 y 12.50 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos, tambi\u00e9n conocida como ZDI-CAN-3138."
}
],
"id": "CVE-2015-6857",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-26T03:59:02.053",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/77946"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1034259"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2017-8953 (GCVE-0-2017-8953)
Vulnerability from cvelistv5 – Published: 2018-02-15 22:00 – Updated: 2024-09-16 22:15
VLAI?
Summary
A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.
Severity ?
No CVSS data available.
CWE
- Remote Cross-Site Scripting (XSS)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise | LoadRunner and Performance Center |
Affected:
v12.53 and earlier, v12.53 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:55:20.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038868",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038868"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"name": "1038867",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038867"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LoadRunner and Performance Center",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "v12.53 and earlier, v12.53 and earlier"
}
]
}
],
"datePublic": "2017-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Cross-Site Scripting (XSS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1038868",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038868"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"name": "1038867",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038867"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-07-12T00:00:00",
"ID": "CVE-2017-8953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LoadRunner and Performance Center",
"version": {
"version_data": [
{
"version_value": "v12.53 and earlier, v12.53 and earlier"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Cross-Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038868",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038868"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"name": "1038867",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038867"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-8953",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-05-15T00:00:00",
"dateUpdated": "2024-09-16T22:15:43.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8512 (GCVE-0-2016-8512)
Vulnerability from cvelistv5 – Published: 2018-02-15 22:00 – Updated: 2024-09-16 20:22
VLAI?
Summary
A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise | LoadRunner and Performance Center |
Affected:
All versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:40.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LoadRunner and Performance Center",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2016-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T21:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2016-12-13T00:00:00",
"ID": "CVE-2016-8512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LoadRunner and Performance Center",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-8512",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2016-10-07T00:00:00",
"dateUpdated": "2024-09-16T20:22:24.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14359 (GCVE-0-2017-14359)
Vulnerability from cvelistv5 – Published: 2017-11-03 18:00 – Updated: 2024-08-05 19:27
VLAI?
Title
MFSBGN03788 rev.1 - HPE Performance Center, Remote Cross-Site Scripting (XSS)
Summary
A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting.
Severity ?
No CVSS data available.
CWE
- Remote Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | HPE Performance Center |
Affected:
12.20
|
Credits
Micro Focus would like to thank Pawel Bartunek for reporting this issue to security-alert@hpe.com
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:27:40.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"name": "101659",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101659"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Performance Center",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "12.20"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to thank Pawel Bartunek for reporting this issue to security-alert@hpe.com"
}
],
"datePublic": "2017-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:41",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"name": "101659",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101659"
}
],
"title": "MFSBGN03788 rev.1 - HPE Performance Center, Remote Cross-Site Scripting (XSS)",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2017-14359",
"STATE": "PUBLIC",
"TITLE": "MFSBGN03788 rev.1 - HPE Performance Center, Remote Cross-Site Scripting (XSS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Performance Center",
"version": {
"version_data": [
{
"version_value": "12.20"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
"Micro Focus would like to thank Pawel Bartunek for reporting this issue to security-alert@hpe.com"
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754",
"refsource": "CONFIRM",
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"name": "101659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101659"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-14359",
"datePublished": "2017-11-03T18:00:00",
"dateReserved": "2017-09-12T00:00:00",
"dateUpdated": "2024-08-05T19:27:40.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5789 (GCVE-0-2017-5789)
Vulnerability from cvelistv5 – Published: 2017-10-13 02:00 – Updated: 2024-08-05 15:11
VLAI?
Summary
HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE LoadRunner and Performance Center |
Affected:
HPE LoadRunner and Performance Center
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:48.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101224",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101224"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"name": "1038029",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"name": "96774",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96774"
},
{
"name": "1038028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE LoadRunner and Performance Center",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "HPE LoadRunner and Performance Center"
}
]
}
],
"datePublic": "2017-10-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "101224",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101224"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"name": "1038029",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"name": "96774",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96774"
},
{
"name": "1038028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2017-5789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE LoadRunner and Performance Center",
"version": {
"version_data": [
{
"version_value": "HPE LoadRunner and Performance Center"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101224",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101224"
},
{
"name": "https://www.tenable.com/security/research/tra-2017-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"name": "1038029",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038029"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"name": "96774",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96774"
},
{
"name": "1038028",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-5789",
"datePublished": "2017-10-13T02:00:00",
"dateReserved": "2017-02-01T00:00:00",
"dateUpdated": "2024-08-05T15:11:48.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4382 (GCVE-0-2016-4382)
Vulnerability from cvelistv5 – Published: 2016-09-21 01:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036770",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036770"
},
{
"name": "92915",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92915"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a \"remote user validation failure\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1036770",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036770"
},
{
"name": "92915",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92915"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a \"remote user validation failure\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036770",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036770"
},
{
"name": "92915",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92915"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4382",
"datePublished": "2016-09-21T01:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4384 (GCVE-0-2016-4384)
Vulnerability from cvelistv5 – Published: 2016-09-21 01:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"name": "1036859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036859"
},
{
"name": "93069",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93069"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"name": "1036860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036860"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"name": "1036859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036859"
},
{
"name": "93069",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93069"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"name": "1036860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036860"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"name": "1036859",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036859"
},
{
"name": "93069",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93069"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-26",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"name": "1036860",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036860"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4384",
"datePublished": "2016-09-21T01:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4360 (GCVE-0-2016-4360)
Vulnerability from cvelistv5 – Published: 2016-06-08 14:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-02T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036006"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-17",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-364",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4360",
"datePublished": "2016-06-08T14:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4361 (GCVE-0-2016-4361)
Vulnerability from cvelistv5 – Published: 2016-06-08 14:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-22T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036006"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-26",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4361",
"datePublished": "2016-06-08T14:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4359 (GCVE-0-2016-4359)
Vulnerability from cvelistv5 – Published: 2016-06-08 14:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-02T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036006"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-16",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-363",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4359",
"datePublished": "2016-06-08T14:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-6857 (GCVE-0-2015-6857)
Vulnerability from cvelistv5 – Published: 2015-11-26 02:00 – Updated: 2024-08-06 07:36
VLAI?
Summary
Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:36:33.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"name": "77946",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77946"
},
{
"name": "1034259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034259"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"name": "77946",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77946"
},
{
"name": "1034259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034259"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6857",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-581",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"name": "77946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77946"
},
{
"name": "1034259",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034259"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-6857",
"datePublished": "2015-11-26T02:00:00",
"dateReserved": "2015-09-10T00:00:00",
"dateUpdated": "2024-08-06T07:36:33.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8953 (GCVE-0-2017-8953)
Vulnerability from nvd – Published: 2018-02-15 22:00 – Updated: 2024-09-16 22:15
VLAI?
Summary
A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.
Severity ?
No CVSS data available.
CWE
- Remote Cross-Site Scripting (XSS)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise | LoadRunner and Performance Center |
Affected:
v12.53 and earlier, v12.53 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:55:20.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038868",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038868"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"name": "1038867",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038867"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LoadRunner and Performance Center",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "v12.53 and earlier, v12.53 and earlier"
}
]
}
],
"datePublic": "2017-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Cross-Site Scripting (XSS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1038868",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038868"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"name": "1038867",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038867"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-07-12T00:00:00",
"ID": "CVE-2017-8953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LoadRunner and Performance Center",
"version": {
"version_data": [
{
"version_value": "v12.53 and earlier, v12.53 and earlier"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Cross-Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038868",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038868"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us"
},
{
"name": "1038867",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038867"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-8953",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-05-15T00:00:00",
"dateUpdated": "2024-09-16T22:15:43.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8512 (GCVE-0-2016-8512)
Vulnerability from nvd – Published: 2018-02-15 22:00 – Updated: 2024-09-16 20:22
VLAI?
Summary
A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise | LoadRunner and Performance Center |
Affected:
All versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:40.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LoadRunner and Performance Center",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2016-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T21:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2016-12-13T00:00:00",
"ID": "CVE-2016-8512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LoadRunner and Performance Center",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-8512",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2016-10-07T00:00:00",
"dateUpdated": "2024-09-16T20:22:24.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14359 (GCVE-0-2017-14359)
Vulnerability from nvd – Published: 2017-11-03 18:00 – Updated: 2024-08-05 19:27
VLAI?
Title
MFSBGN03788 rev.1 - HPE Performance Center, Remote Cross-Site Scripting (XSS)
Summary
A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting.
Severity ?
No CVSS data available.
CWE
- Remote Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | HPE Performance Center |
Affected:
12.20
|
Credits
Micro Focus would like to thank Pawel Bartunek for reporting this issue to security-alert@hpe.com
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:27:40.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"name": "101659",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101659"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Performance Center",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "12.20"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to thank Pawel Bartunek for reporting this issue to security-alert@hpe.com"
}
],
"datePublic": "2017-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:41",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"name": "101659",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101659"
}
],
"title": "MFSBGN03788 rev.1 - HPE Performance Center, Remote Cross-Site Scripting (XSS)",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2017-14359",
"STATE": "PUBLIC",
"TITLE": "MFSBGN03788 rev.1 - HPE Performance Center, Remote Cross-Site Scripting (XSS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Performance Center",
"version": {
"version_data": [
{
"version_value": "12.20"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
"Micro Focus would like to thank Pawel Bartunek for reporting this issue to security-alert@hpe.com"
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754",
"refsource": "CONFIRM",
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02996754"
},
{
"name": "101659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101659"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-14359",
"datePublished": "2017-11-03T18:00:00",
"dateReserved": "2017-09-12T00:00:00",
"dateUpdated": "2024-08-05T19:27:40.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5789 (GCVE-0-2017-5789)
Vulnerability from nvd – Published: 2017-10-13 02:00 – Updated: 2024-08-05 15:11
VLAI?
Summary
HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE LoadRunner and Performance Center |
Affected:
HPE LoadRunner and Performance Center
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:48.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101224",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101224"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"name": "1038029",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"name": "96774",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96774"
},
{
"name": "1038028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE LoadRunner and Performance Center",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "HPE LoadRunner and Performance Center"
}
]
}
],
"datePublic": "2017-10-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "101224",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101224"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"name": "1038029",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"name": "96774",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96774"
},
{
"name": "1038028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2017-5789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE LoadRunner and Performance Center",
"version": {
"version_data": [
{
"version_value": "HPE LoadRunner and Performance Center"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101224",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101224"
},
{
"name": "https://www.tenable.com/security/research/tra-2017-13",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-13"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-160/"
},
{
"name": "1038029",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038029"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03712en_us"
},
{
"name": "96774",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96774"
},
{
"name": "1038028",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-5789",
"datePublished": "2017-10-13T02:00:00",
"dateReserved": "2017-02-01T00:00:00",
"dateUpdated": "2024-08-05T15:11:48.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4382 (GCVE-0-2016-4382)
Vulnerability from nvd – Published: 2016-09-21 01:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036770",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036770"
},
{
"name": "92915",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92915"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a \"remote user validation failure\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1036770",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036770"
},
{
"name": "92915",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92915"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a \"remote user validation failure\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036770",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036770"
},
{
"name": "92915",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92915"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05269356"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4382",
"datePublished": "2016-09-21T01:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4384 (GCVE-0-2016-4384)
Vulnerability from nvd – Published: 2016-09-21 01:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"name": "1036859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036859"
},
{
"name": "93069",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93069"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"name": "1036860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036860"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"name": "1036859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036859"
},
{
"name": "93069",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93069"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"name": "1036860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036860"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882"
},
{
"name": "1036859",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036859"
},
{
"name": "93069",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93069"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-26",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-26"
},
{
"name": "1036860",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036860"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4384",
"datePublished": "2016-09-21T01:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4360 (GCVE-0-2016-4360)
Vulnerability from nvd – Published: 2016-06-08 14:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-02T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036006"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-17",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-17"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-364",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-364"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4360",
"datePublished": "2016-06-08T14:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4361 (GCVE-0-2016-4361)
Vulnerability from nvd – Published: 2016-06-08 14:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-22T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036006"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-26",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-26"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4361",
"datePublished": "2016-06-08T14:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4359 (GCVE-0-2016-4359)
Vulnerability from nvd – Published: 2016-06-08 14:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-02T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423"
},
{
"name": "90975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90975"
},
{
"name": "1036006",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036006"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-16",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-16"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-363",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-363"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4359",
"datePublished": "2016-06-08T14:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-6857 (GCVE-0-2015-6857)
Vulnerability from nvd – Published: 2015-11-26 02:00 – Updated: 2024-08-06 07:36
VLAI?
Summary
Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:36:33.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"name": "77946",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77946"
},
{
"name": "1034259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034259"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"name": "77946",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77946"
},
{
"name": "1034259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034259"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6857",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-581",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-581"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04900820"
},
{
"name": "77946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77946"
},
{
"name": "1034259",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034259"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04907374"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-6857",
"datePublished": "2015-11-26T02:00:00",
"dateReserved": "2015-09-10T00:00:00",
"dateUpdated": "2024-08-06T07:36:33.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}