Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/79648 | |
http://www.vmware.com/security/advisories/VMSA-2015-0009.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2015-12-21T02:00:00
Updated: 2016-11-25T19:57:01
Reserved: 2015-09-14T00:00:00
Link: CVE-2015-6934
JSON object: View
NVD Information
Status : Modified
Published: 2015-12-21T03:59:00.267
Modified: 2016-11-28T19:40:49.673
Link: CVE-2015-6934
JSON object: View
Redhat Information
No data.
CWE