Absent Member.. Absent Member..
Absent Member..

HP LoadRunner Multiple Vulnerabilities (HPSBMU02935)

We are using LR version 11.52 . Recenthly in our monthly reports from the Load Runner machine we noticed software vulnerabilities. "Potential security vulnerabilities have been identified in HP LoadRunner Virtual User Generator. The vulnerabilities could be exploited to allow
remote code execution.
Affected Products:
HP LoadRunner versions prior to v11.52 are affected."

A solution has been provided for this issue " Hewlett-Packard customers are advised to install HP LoadRunner (http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=
emr_na-c03969437) or subsequent versions to remediate this vulnerability." 
But issue is still persisted. 

Please let me know if there is solution to fix this issues.


1 Reply
Acclaimed Contributor.
Acclaimed Contributor.

Re: HP LoadRunner Multiple Vulnerabilities (HPSBMU02935)

Hello Avinashinampudi,

To overcome the vulnerability, use one of the following suggested workarounds:

Upgrade to LoadRunner 11.52 with Patch 1 or Performance Center 11.52 with patch 1 (or a higher version) where the vulnerability is fixed,
Do not start the Tomcat webserver,
Delete apache-tomcat-5.5.17 folder located in LoadRunner or VuGen installation directory.




Daniela Gómez Alvarado
Customer Support Engineer

If you find that this or any other post resolves your issue, please be sure to mark it as an accepted solution.
If you are satisfied with anyone’s response please remember to give them a KUDOS by clicking on the STAR at the bottom left of the post and show your appreciation.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.