Vulnerabilities > CVE-2015-2342 - Unspecified vulnerability in VMWare Vcenter Server

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
vmware
nessus
exploit available
metasploit

Summary

The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol.

Exploit-Db

descriptionJava JMX Server Insecure Configuration Java Code Execution. CVE-2015-2342. Remote exploit for java platform
idEDB-ID:36101
last seen2016-02-04
modified2015-02-17
published2015-02-17
reportermetasploit
sourcehttps://www.exploit-db.com/download/36101/
titleJava JMX Server Insecure Configuration Java Code Execution

Metasploit

Nessus

  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2015-0007.NASL
    descriptionThe remote VMware ESXi host is affected by a remote code execution vulnerability due to a double-free error in the SLPDProcessMessage() function in OpenSLP. An unauthenticated, remote attacker can exploit this, via a crafted package, to execute arbitrary code or cause a denial of service condition.
    last seen2020-06-01
    modified2020-06-02
    plugin id86254
    published2015-10-03
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86254
    titleVMSA-2015-0007 : VMware vCenter and ESXi updates address critical security issues
  • NASL familyMisc.
    NASL idVMWARE_ESXI_5_1_BUILD_3021178_REMOTE.NASL
    descriptionThe remote VMware ESXi host is version 5.1 prior to build 3021178. It is, therefore, affected by a remote code execution vulnerability due to a double-free error in the SLPDProcessMessage() function in OpenSLP. An unauthenticated, remote attacker can exploit this, via a crafted package, to execute arbitrary code or cause a denial of service condition.
    last seen2020-06-01
    modified2020-06-02
    plugin id86946
    published2015-11-19
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86946
    titleVMware ESXi 5.1 < Build 3021178 OpenSLP RCE (VMSA-2015-0007)
  • NASL familyMisc.
    NASL idVMWARE_ESXI_5_5_BUILD_3029944_REMOTE.NASL
    descriptionThe remote VMware ESXi host is version 5.5 prior to build 3029944. It is, therefore, affected by a remote code execution vulnerability due to a double-free error in the SLPDProcessMessage() function in OpenSLP. An unauthenticated, remote attacker can exploit this, via a crafted package, to execute arbitrary code or cause a denial of service condition.
    last seen2020-06-01
    modified2020-06-02
    plugin id86947
    published2015-11-19
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86947
    titleVMware ESXi 5.5 < Build 3029944 OpenSLP RCE (VMSA-2015-0007)
  • NASL familyMisc.
    NASL idVMWARE_VCENTER_VMSA-2015-0007.NASL
    descriptionThe VMware vCenter Server installed on the remote host is affected by the following vulnerabilities : - A flaw exists in the vpxd service due to improper sanitization of long heartbeat messages. An unauthenticated, remote attacker can exploit this to cause a denial of service. (CVE-2015-1047) - A flaw exists due to an insecurely configured and remotely accessible JMX RMI service. An unauthenticated, remote attacker can exploit this, via an MLet file, to execute arbitrary code on the vCenter server with the same privileges as the web server. (CVE-2015-2342)
    last seen2020-06-01
    modified2020-06-02
    plugin id86255
    published2015-10-02
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/86255
    titleVMware vCenter Multiple Vulnerabilities (VMSA-2015-0007)
  • NASL familyMisc.
    NASL idVMWARE_ESXI_5_0_BUILD_3021432_REMOTE.NASL
    descriptionThe remote VMware ESXi host is version 5.0 prior to build 3021432. It is, therefore, affected by a remote code execution vulnerability due to a double-free error in the SLPDProcessMessage() function in OpenSLP. An unauthenticated, remote attacker can exploit this, via a crafted package, to execute arbitrary code or cause a denial of service condition.
    last seen2020-06-01
    modified2020-06-02
    plugin id86945
    published2015-11-19
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86945
    titleVMware ESXi 5.0 < Build 3021432 OpenSLP RCE (VMSA-2015-0007)