CVE-2015-6934
https://notcve.org/view.php?id=CVE-2015-6934
Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. Interfaces objeto-serializado en VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x y vCenter Application Discovery Manager (vADM) 7.x permiten a atacantes remotos ejecutar comandos arbitrarios a través de un objeto serializado de Java manipulado, relacionado con la librearía Apache Commons Collections. • http://www.securityfocus.com/bid/79648 http://www.vmware.com/security/advisories/VMSA-2015-0009.html • CWE-20: Improper Input Validation •
CVE-2015-1047
https://notcve.org/view.php?id=CVE-2015-1047
vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote attackers to cause a denial of service via a long heartbeat message. vpxd en Vmware vCenter Server 5.0 en versiones anteriores a u3e, 5.1 en versiones anteriores a u3 y 5.5 en versiones anteriores a u2 permite a atacantes remotos provocar una denegación de servicio a través de un mensaje heartbeat largo. • http://www.securityfocus.com/bid/76932 http://www.securitytracker.com/id/1033720 http://www.vmware.com/security/advisories/VMSA-2015-0007.html • CWE-20: Improper Input Validation •
CVE-2015-2342 – VMware vCenter Server JMX RMI Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-2342
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol. El servicio JMX RMI en Vmware vCenter Server 5.0 en versiones anteriores a u3e, 5.1 en versiones anteriores a u3b, 5.5 en versiones anteriores a u3 y 6.0 en versiones anterioes a u1 no restringe el registro de Mbeans, lo que permite a atacantes remotos ejecutar código arbitrario a través del protocolo RMI. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware vCenter Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the configuration of the JMX remote interface. This interface allows a remote attacker to register attacker-controlled mbeans. • https://www.exploit-db.com/exploits/36101 http://seclists.org/fulldisclosure/2015/Oct/1 http://www.securityfocus.com/bid/76930 http://www.securitytracker.com/id/1033720 http://www.vmware.com/security/advisories/VMSA-2015-0007.html http://www.zerodayinitiative.com/advisories/ZDI-15-455 https://www.7elements.co.uk/resources/technical-advisories/cve-2015-2342-vmware-vcenter-remote-code-execution https://docs.oracle.com/javase/8/docs/technotes/guides/jmx/JMX_1_4_specification.pdf https: •
CVE-2015-6932
https://notcve.org/view.php?id=CVE-2015-6932
VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Vulnerabilidad en VMware vCenter Server 5.5 en versiones anteriores a u3 y 6.0 en versiones anteriores a u1, no verifica los certificados X.509 de los servidores TLS LDAP, lo que permite a atacantes man-in-the-middle suplantar servidores y obtener información sensible a través de un certificado manipulado. • http://www.securitytracker.com/id/1033582 http://www.vmware.com/security/advisories/VMSA-2015-0006.html • CWE-310: Cryptographic Issues •
CVE-2014-3797
https://notcve.org/view.php?id=CVE-2014-3797
Cross-site scripting (XSS) vulnerability in VMware vCenter Server Appliance (vCSA) 5.1 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en VMware vCenter Server Appliance (vCSA) 5.1 anterior a Update 3 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://seclists.org/fulldisclosure/2014/Dec/23 http://www.securityfocus.com/archive/1/534161/100/0/threaded http://www.vmware.com/security/advisories/VMSA-2014-0012.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •