CVE-2015-2342
HIGH severity · CVSS 10
10CVSS HIGH
Summary
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)92%
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Official patch: http://www.vmware.com/security/advisories/VMSA-2015-0007.html ↗
Additional information
- NVD record
- http://www.vmware.com/security/advisories/VMSA-2015-0007.htmlPatch
- http://seclists.org/fulldisclosure/2015/Oct/1
- http://www.securityfocus.com/bid/76930
- http://www.securitytracker.com/id/1033720
- http://www.zerodayinitiative.com/advisories/ZDI-15-455
- https://www.7elements.co.uk/resources/technical-advisories/cve-2015-2342-vmware-vcenter-remote-code-execution/
- http://seclists.org/fulldisclosure/2015/Oct/1
- http://www.securityfocus.com/bid/76930