Sign-up

ID

VAR-201505-0144


CVE

CVE-2015-2121


TITLE

HP LoadRunner and Performance Center Network Virtualization Remote Information Disclosure Vulnerability

Trust: 0.8

sources: IVD: 52a62ba0-1fd7-4027-972f-e97f629cf187 // CNVD: CNVD-2015-02998

DESCRIPTION

HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569. Authentication is not required to exploit this vulnerability.The specific flaw exists because neither the HttpServlet nor the NetworkEditorController sanitize the URL, and hence the file name, requested. An attacker can use this to read any file on the system under the context of SYSTEM. HP LoadRunner and Performance Center is a new version of software and services designed to help IT organizations improve performance management throughout the application lifecycle. Allows an attacker to exploit this vulnerability for sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04657310 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04657310 Version: 1 HPSBGN03328 rev.1 - Network Virtualization for HP LoadRunner and Performance Center, Remote Information Disclosure NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. References: CVE-2015-2121 (ZDI-CAN-2569, SSRT101932) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Network Virtualization for HP LoadRunner and Performance Center v11.52, v8.61 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2015-2121 (AV:N/AC:L/Au:N/C:C/I:N/A:N) 7.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 The Hewlett-Packard Company thanks Aniway.Anyway@gmail.com working with HP's Zero Day Initiative for reporting this issue to security-alert@hp.com. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iEYEARECAAYFAlVJQ1gACgkQ4B86/C0qfVnCMQCeMTHLHHtTr3Ut1ulcNp9NTYlt ZmEAoKflq7JkSOLjj8iHQ+JgsFTtsoPE =mlT5 -----END PGP SIGNATURE-----

Trust: 3.33

sources: NVD: CVE-2015-2121 // JVNDB: JVNDB-2015-002805 // ZDI: ZDI-15-192 // CNVD: CNVD-2015-02998 // BID: 74583 // IVD: 52a62ba0-1fd7-4027-972f-e97f629cf187 // PACKETSTORM: 131848

IOT TAXONOMY

category:['IoT', 'ICS']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: 52a62ba0-1fd7-4027-972f-e97f629cf187 // CNVD: CNVD-2015-02998

AFFECTED PRODUCTS

vendor:hpmodel:network virtualizationscope:eqversion:11.52

Trust: 1.6

vendor:hpmodel:network virtualizationscope:eqversion:8.61

Trust: 1.6

vendor:hewlett packardmodel:hp network virtualizationscope:eqversion:11.52

Trust: 0.8

vendor:hewlett packardmodel:hp network virtualizationscope:eqversion:8.61

Trust: 0.8

vendor:hewlett packardmodel:network virtualizationscope: - version: -

Trust: 0.7

vendor:hpmodel:loadrunnerscope:eqversion:11.52

Trust: 0.6

vendor:hpmodel:loadrunnerscope:eqversion:8.61

Trust: 0.6

vendor:hpmodel:performance centerscope:eqversion:11.52

Trust: 0.6

vendor:hpmodel:performance centerscope:eqversion:8.61

Trust: 0.6

vendor:network virtualizationmodel: - scope:eqversion:8.61

Trust: 0.2

vendor:network virtualizationmodel: - scope:eqversion:11.52

Trust: 0.2

sources: IVD: 52a62ba0-1fd7-4027-972f-e97f629cf187 // ZDI: ZDI-15-192 // CNVD: CNVD-2015-02998 // JVNDB: JVNDB-2015-002805 // CNNVD: CNNVD-201505-085 // NVD: CVE-2015-2121

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-2121
value: HIGH

Trust: 1.0

NVD: CVE-2015-2121
value: HIGH

Trust: 0.8

ZDI: CVE-2015-2121
value: HIGH

Trust: 0.7

CNVD: CNVD-2015-02998
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201505-085
value: HIGH

Trust: 0.6

IVD: 52a62ba0-1fd7-4027-972f-e97f629cf187
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2015-2121
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.5

CNVD: CNVD-2015-02998
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 52a62ba0-1fd7-4027-972f-e97f629cf187
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 52a62ba0-1fd7-4027-972f-e97f629cf187 // ZDI: ZDI-15-192 // CNVD: CNVD-2015-02998 // JVNDB: JVNDB-2015-002805 // CNNVD: CNNVD-201505-085 // NVD: CVE-2015-2121

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.8

sources: JVNDB: JVNDB-2015-002805 // NVD: CVE-2015-2121

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201505-085

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201505-085

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-002805

PATCH
title:HPSBGN03328 SSRT101932url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04657310
Trust: 0.8
title:Hewlett-Packard has issued an update to correct this vulnerability.url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04657310
Trust: 0.7
title:Patch for HP LoadRunner and Performance Center Network Virtualization Remote Information Disclosure Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/58316
Trust: 0.6
sources:
            
            
            ZDI: ZDI-15-192 // 
            
            
            
            CNVD: CNVD-2015-02998 // 
            
            
            
            JVNDB: JVNDB-2015-002805

EXTERNAL IDS
db:NVDid:CVE-2015-2121
Trust: 4.3
db:ZDIid:ZDI-15-192
Trust: 2.3
db:BIDid:74583
Trust: 1.9
db:CNVDid:CNVD-2015-02998
Trust: 0.8
db:CNNVDid:CNNVD-201505-085
Trust: 0.8
db:JVNDBid:JVNDB-2015-002805
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-2569
Trust: 0.7
db:SECUNIAid:64458
Trust: 0.6
db:IVDid:52A62BA0-1FD7-4027-972F-E97F629CF187
Trust: 0.2
db:PACKETSTORMid:131848
Trust: 0.1
sources:
            
            
            IVD: 52a62ba0-1fd7-4027-972f-e97f629cf187 // 
            
            
            
            ZDI: ZDI-15-192 // 
            
            
            
            CNVD: CNVD-2015-02998 // 
            
            
            
            BID: 74583 // 
            
            
            
            JVNDB: JVNDB-2015-002805 // 
            
            
            
            PACKETSTORM: 131848 // 
            
            
            
            CNNVD: CNNVD-201505-085 // 
            
            
            
            NVD: CVE-2015-2121

REFERENCES
url:http://www.securityfocus.com/bid/74583
Trust: 1.6
url:http://zerodayinitiative.com/advisories/zdi-15-192/
Trust: 1.6
url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04657310
Trust: 1.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2121
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2121
Trust: 0.8
url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c04657310
Trust: 0.7
url:http://secunia.com/advisories/64458
Trust: 0.6
url:http://www.hp.com
Trust: 0.3
url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
Trust: 0.1
url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/
Trust: 0.1
url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Trust: 0.1
url:https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsea
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-2121
Trust: 0.1
sources:
            
            
            ZDI: ZDI-15-192 // 
            
            
            
            CNVD: CNVD-2015-02998 // 
            
            
            
            BID: 74583 // 
            
            
            
            JVNDB: JVNDB-2015-002805 // 
            
            
            
            PACKETSTORM: 131848 // 
            
            
            
            CNNVD: CNNVD-201505-085 // 
            
            
            
            NVD: CVE-2015-2121

CREDITS
Aniway.Anyway@gmail.com
Trust: 0.7
sources:
            
            
            ZDI: ZDI-15-192

SOURCES
db:IVDid:52a62ba0-1fd7-4027-972f-e97f629cf187
db:ZDIid:ZDI-15-192
db:CNVDid:CNVD-2015-02998
db:BIDid:74583
db:JVNDBid:JVNDB-2015-002805
db:PACKETSTORMid:131848
db:CNNVDid:CNNVD-201505-085
db:NVDid:CVE-2015-2121

LAST UPDATE DATE
2025-04-13T23:21:17.408000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-15-192date:2015-05-12T00:00:00
db:CNVDid:CNVD-2015-02998date:2015-05-13T00:00:00
db:BIDid:74583date:2015-05-15T00:13:00
db:JVNDBid:JVNDB-2015-002805date:2015-05-28T00:00:00
db:CNNVDid:CNNVD-201505-085date:2015-05-26T00:00:00
db:NVDid:CVE-2015-2121date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:IVDid:52a62ba0-1fd7-4027-972f-e97f629cf187date:2015-05-13T00:00:00
db:ZDIid:ZDI-15-192date:2015-05-12T00:00:00
db:CNVDid:CNVD-2015-02998date:2015-05-13T00:00:00
db:BIDid:74583date:2015-05-05T00:00:00
db:JVNDBid:JVNDB-2015-002805date:2015-05-28T00:00:00
db:PACKETSTORMid:131848date:2015-05-11T21:24:32
db:CNNVDid:CNNVD-201505-085date:2015-05-12T00:00:00
db:NVDid:CVE-2015-2121date:2015-05-25T17:59:02.280