Skip to main content

Performance Center

8 CVEs product

Monthly

CVE-2017-14359 MEDIUM This Month

A potential security vulnerability has been identified in HPE Performance Center versions 12.20. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Performance Center
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-5789 CRITICAL Emergency

HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 33.9% and no vendor patch available.

Buffer Overflow RCE Loadrunner Performance Center
NVD
CVSS 3.0
9.8
EPSS
33.9%
CVE-2016-4384 HIGH PATCH This Week

HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Loadrunner Performance Center
NVD
CVSS 3.0
8.6
EPSS
2.9%
CVE-2016-4382 HIGH This Week

HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure". Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Performance Center
NVD
CVSS 3.0
8.3
EPSS
0.2%
CVE-2016-4361 HIGH This Week

HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Performance Center Loadrunner
NVD
CVSS 3.0
7.5
EPSS
3.0%
CVE-2016-4360 CRITICAL Act Now

web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Loadrunner Performance Center
NVD
CVSS 3.0
9.1
EPSS
3.7%
CVE-2016-4359 CRITICAL Act Now

Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 27.9% and no vendor patch available.

RCE Buffer Overflow Loadrunner Performance Center
NVD
CVSS 3.0
9.8
EPSS
27.9%
CVE-2015-6857 HIGH This Week

Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

HP RCE Loadrunner Performance Center
NVD
CVSS 2.0
7.2
EPSS
2.3%
EPSS 0% CVSS 5.4
MEDIUM This Month

A potential security vulnerability has been identified in HPE Performance Center versions 12.20. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Performance Center
NVD
EPSS 34% CVSS 9.8
CRITICAL Emergency

HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 33.9% and no vendor patch available.

Buffer Overflow RCE Loadrunner +1
NVD
EPSS 3% CVSS 8.6
HIGH PATCH This Week

HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Loadrunner Performance Center
NVD
EPSS 0% CVSS 8.3
HIGH This Week

HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure". Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Performance Center
NVD
EPSS 3% CVSS 7.5
HIGH This Week

HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Performance Center Loadrunner
NVD
EPSS 4% CVSS 9.1
CRITICAL Act Now

web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Loadrunner Performance Center
NVD
EPSS 28% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 27.9% and no vendor patch available.

RCE Buffer Overflow Loadrunner +1
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

HP RCE Loadrunner +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy