CVE-2015-6934

creationtimestamp| type| source ---|---|--- 2024-01-07 07:25:21+00:00| seen| https://t.me/arpsyndicate/2624...

VMware vCenter / vRealize Orchestrator 4.2.x / 5.x / 6.x Java Object Deserialization RCE (VMSA-2015-0009)

The version of VMware vCenter / vRealize Orchestrator installed on the remote host is 4.2.x, 5.x, or 6.x and includes the Apache Commons Collections ACC library version 3.2.1. It is, therefore, affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Ja...

Immunity Canvas: VREALIZE_VCOFACTORY_DESERIALIZE

Name| vrealizevcofactorydeserialize ---|--- CVE| CVE-2015-6934 Exploit Pack| CANVAS Description| vrealizevcofactorydeserialize Notes| CVE Name: CVE-2015-6934 VENDOR: VMWare NOTES: IMPORTANT NOTE: Any instance of this application running Apache Commons Collections version prior to 3.0 WILL NOT WOR...

CVE-2015-6934

This CVE (CVE-2015-6934) concerns insecure deserialization in VMware software: VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager 7.x. The root cause is unsafe/deserialization of crafted Java objec...

VMware vCenter Server updates address an important reflected cross-site scripting issue

3.a Commons-collections deserialization vulnerability A deserialization vulnerability involving Apache Commons-collections and a specially constructed chain of classes exists. Successful exploitation could result in remote code execution, with the permissions of the application using the...

VMSA-2015-0009:VMware vCenter Server updates address an HIGH reflected cross-site scripting issue

VMSA-2015-0009.5 VMware product updates address a critical deserialization vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2015-0009.5 VMware Security Advisory Synopsis: VMware product updates address a critical deserialization vulnerability VMware Security...