CVE-2015-2342
60Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 89%
from disclosure to weapon0 days
Published on NVDOct 12
1st PoCFeb 17
metasploitMay 22
exploitation probability
89%top 1% of all CVEs
observed exploitation
nono source reports it
1 public exploit(s)
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/36101unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://seclists.org/fulldisclosure/2015/Oct/1https://www.7elements.co.uk/resources/technical-advisories/cve-2015-2342-vmware-vcenter-remote-code-execution/http://www.securityfocus.com/bid/76930http://www.securitytracker.com/id/1033720http://www.vmware.com/security/advisories/VMSA-2015-0007.htmlhttp://www.zerodayinitiative.com/advisories/ZDI-15-455