CVE-2015-2121

high HPE
CVSS v3 Base Score
7.8
AV:N/AC:L/Au:N/C:C/I:N/A:N
EPSS Score
1.1%
Exploitation probability in 30 days
Top 22% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
None
Availability
None
Published: May 25, 2015 (4007 days ago)
Last Modified: May 6, 2026
Vendor: HPE
Source: NVD

Description

HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569.

CWE

CWE-200

Affected Products

hp network virtualization

References

🔗 www.securityfocus.com 🔗 zerodayinitiative.com 🔗 h20564.www2.hp.com 🔗 www.securityfocus.com 🔗 zerodayinitiative.com