CVE-2015-2342

critical VMware
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
92.0%
Exploitation probability in 30 days
Top 0% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: October 12, 2015 (3868 days ago)
Last Modified: May 6, 2026
Vendor: VMware
Source: NVD

Description

The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol.

CWE

NVD-CWE-Other

Affected Products

vmware vcenter server

References

🔗 seclists.org 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 www.vmware.com 🔗 www.zerodayinitiative.com