Remote Code Execution Vulnerability in HPE LoadRunner and Performance Center
CVE-2016-8512

9.8CRITICAL

Key Information:

Vendor: HP
Status: Loadrunner And Performance Center
Vendor: CVE Published:; 15 February 2018

Summary

A vulnerability has been identified in HPE LoadRunner and Performance Center, where an attacker can execute arbitrary code remotely due to improper validation of user inputs. This flaw could potentially allow unauthorized access to the system, leading to a compromise of sensitive data and operational integrity. Organizations using these products are advised to implement the necessary patches and follow best security practices to mitigate potential threats.

Affected Version(s)

LoadRunner and Performance Center All versions

References

https://support.hpe.com/hpsc/doc/public/display?docId=emr...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2018
Vulnerability Reserved
Oct 7, 2016