VMware vCenter Server CVE-2015-2342 Remote Code Execution Vulnerability



VMware vCenter Server is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the affected application.

Information

Bugtraq ID: 76930
Class: Design Error
CVE: CVE-2015-2342

Remote: Yes
Local: No
Published: Oct 01 2015 12:00AM
Updated: Aug 10 2018 10:00AM
Credit: Doug McLeod of 7 Elements Ltd and an anonymous researcher working through HP's Zero Day Initiative.
Vulnerable: VMWare vCenter Server 6.0
VMWare vCenter Server 5.5 update1
VMWare vCenter Server 5.5 Update 2
VMWare vCenter Server 5.5
VMWare vCenter Server 5.1
VMWare vCenter Server 5.0 update2
VMWare vCenter Server 5.0 Update 1
VMWare vCenter Server 5.0


Not Vulnerable: VMWare vCenter Server 6.0.0b
VMWare vCenter Server 6.0 Update 1
VMWare vCenter Server 5.5 Update 3
VMWare vCenter Server 5.5 U3d
VMWare vCenter Server 5.5 u3
VMWare vCenter Server 5.1 Update u3b
VMWare vCenter Server 5.1 U3d
VMWare vCenter Server 5.1 U3b
VMWare vCenter Server 5.0 Update u3e
VMWare vCenter Server 5.0 U3e


Exploit



Related Posts