CVE-2015-2342

Published: Oct 12, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20151001 CVE-2015-2342 VMware vCenter Remote Code Execution

mailing-list

x_refsource_FULLDISC

1033720

vdb-entry

x_refsource_SECTRACK

http://www.zerodayinitiative.com/advisories/ZDI-15-455

x_refsource_MISC

76930

vdb-entry

x_refsource_BID

https://www.7elements.co.uk/resources/technical-advisories/cve-2015-2342-vmware-vcenter-remote-code-execution/

x_refsource_MISC

http://www.vmware.com/security/advisories/VMSA-2015-0007.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-2342

Description

Affected Products

References