CVE-2015-2342

CVE Database · CVE-2015-2342

CVE-2015-2342

· N/AModified

CVSS v3.1

N/A

EPSS

89.05%

Published

Oct 12, 2015

Modified

May 6, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBJava JMX - Server Insecure Configuration Java Code Execution (Metasploit)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol.

Affected Products (4)

vmware · vcenter_servervulnerable

References (12)

http://seclists.org/fulldisclosure/2015/Oct/1

http://www.securityfocus.com/bid/76930

http://www.securitytracker.com/id/1033720

http://www.vmware.com/security/advisories/VMSA-2015-0007.html

PatchVendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-15-455

https://www.7elements.co.uk/resources/technical-advisories/cve-2015-2342-vmware-vcenter-remote-code-execution/

http://seclists.org/fulldisclosure/2015/Oct/1

http://www.securityfocus.com/bid/76930

http://www.securitytracker.com/id/1033720

http://www.vmware.com/security/advisories/VMSA-2015-0007.html

KEV Catalog EPSS Scores Vendors All CVEs