Main
Vulnerability Database
Exploits
ID:1750 - Exploit for Improper authorization in vCenter Server - CVE-2015-2342
ID:1750 - Exploit for Improper authorization in vCenter Server - CVE-2015-2342
Published: March 18, 2020
Vulnerability identifier: #VU12438
Vulnerability risk: High
CVE-ID: CVE-2015-2342
CWE-ID: CWE-285
Exploitation vector: Remote access
Vulnerable software:
vCenter Server
vCenter Server
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists in the JMX RMI service due to missing restriction of registration of MBeans. A remote attacker can execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exists in the JMX RMI service due to missing restriction of registration of MBeans. A remote attacker can execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
Remediation
Update to versions 5.0u3e, 5.1u3b, 5.5u3 or 6.0u1.