CVE-2016-4384 | Tenable®

Login

Tenable Community & Support

Tenable University

CVE-2016-4384

HIGH

Description

HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.

References

http://www.securityfocus.com/bid/93069

http://www.securitytracker.com/id/1036859

http://www.securitytracker.com/id/1036860

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05278882

https://www.tenable.com/security/research/tra-2016-26

Details

Source: MITRE

Published: 2016-09-21

Updated: 2017-07-30

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 9

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C

Impact Score: 8.5

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Impact Score: 4.7

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:hp:loadrunner:*:p2:*:*:*:*:*:* versions up to 12.02 (inclusive)

cpe:2.3:a:hp:performance_center:*:p2:*:*:*:*:*:* versions up to 12.20 (inclusive)

Tenable Plugins

View all (2 total)

ID	Name	Product	Family	Severity
97552	HPE LoadRunner < 12.50 mchan.dll Packet Handling Invalid Memory Access DoS	Nessus	Windows	high
93811	HP Performance Center 11.52.x / 12.x < 12.53 Multiple Vulnerabilities	Nessus	Windows	high