Vulnerability Details : CVE-2016-4360
web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555.
Products affected by CVE-2016-4360
- cpe:2.3:a:hp:loadrunner:12.01:p3:*:*:*:*:*:*
- cpe:2.3:a:hp:loadrunner:12.00:p1:*:*:*:*:*:*
- cpe:2.3:a:hp:loadrunner:11.52:p3:*:*:*:*:*:*
- cpe:2.3:a:hp:loadrunner:12.02:p2:*:*:*:*:*:*
- cpe:2.3:a:hp:loadrunner:12.50:p3:*:*:*:*:*:*
- cpe:2.3:a:hp:performance_center:12.01:p3:*:*:*:*:*:*
- cpe:2.3:a:hp:performance_center:12.20:p2:*:*:*:*:*:*
- cpe:2.3:a:hp:performance_center:12.50:p1:*:*:*:*:*:*
- cpe:2.3:a:hp:performance_center:11.52:p3:*:*:*:*:*:*
- cpe:2.3:a:hp:performance_center:12.00:p1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-4360
26.40%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-4360
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:P |
10.0
|
4.9
|
NIST | |
9.1
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
3.9
|
5.2
|
NIST |
References for CVE-2016-4360
-
http://www.zerodayinitiative.com/advisories/ZDI-16-364
ZDI-16-364 | Zero Day InitiativeThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1036006
HPE LoadRunner Unspecified Flaws Let Remote Users Deny Service and Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05157423
HPSBGN03609 rev.2 - HPE LoadRunner and Performance Center, Remote Code Execution, Denial of Service (DoS)Vendor Advisory
-
http://www.securityfocus.com/bid/90975
Multiple HP Products Multiple Remote Code Execution and Denial of Service Vulnerabilities
-
https://www.tenable.com/security/research/tra-2016-17
[R2] HP Loadrunner / HP Performance Center Virtual Table Server (VTS) \web\admin\data.js Remote File Deletion - Research Advisory | TenableĀ®
Jump to