VMware vSphere Replication Oracle JRE JMX Deserialization RCE (VMSA-2016-0005)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
Synopsis :

The remote host is a virtualization appliance that is affected by a
remote code execution vulnerability.

Description :

The version of VMware vSphere Replication running on the remote host is
5.6.x prior to 5.6.0.6, 5.8.x prior to 5.8.1.2, 6.0.x prior to
6.0.0.3, or 6.1.x prior to 6.1.1. It is, therefore, affected by a
remote code execution vulnerability in the Oracle JRE JMX component
due to a flaw related to the deserialization of authentication
credentials. An unauthenticated, remote attacker can exploit this to
execute arbitrary code.

Note that vSphere Replication is only affected if its vCloud Tunneling
Agent is running, and it is not enabled by default.
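To make the version ranges and the Tunneling Agent precondition above concrete, here is an added Python check. It is not Tenable's plugin code (Nessus plugins are written in NASL); it encodes only the fixed builds and the condition stated in this advisory, and the version strings fed to it are constructed sample input.

```python
# Added example, not part of the Nessus plugin: decide whether a reported
# vSphere Replication build falls in an affected range of VMSA-2016-0005
# (CVE-2016-3427) and whether the vCloud Tunneling Agent precondition holds.
from typing import Optional, Tuple

# (major, minor) branch -> first fixed build in that branch, per the advisory text.
FIXED_BY_BRANCH = {
    (5, 6): (5, 6, 0, 6),
    (5, 8): (5, 8, 1, 2),
    (6, 0): (6, 0, 0, 3),
    (6, 1): (6, 1, 1),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Parse a dotted numeric version such as '6.0.0.2' into a tuple of ints."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version string: {text!r}")
    return tuple(int(p) for p in parts)


def fixed_version_for(version: Tuple[int, ...]) -> Optional[Tuple[int, ...]]:
    """Return the fixed build for this version's branch, or None if the branch is not listed."""
    return FIXED_BY_BRANCH.get(version[:2])


def is_vulnerable(version_text: str, tunneling_agent_running: bool) -> Tuple[bool, str]:
    """Return (vulnerable, reason) for one appliance.

    Python tuple comparison gives the 'prior to' semantics the advisory uses:
    (6, 1, 0, 5) < (6, 1, 1) and (6, 1, 1, 0) >= (6, 1, 1).
    """
    version = parse_version(version_text)
    fixed = fixed_version_for(version)
    if fixed is None:
        return False, f"branch {version[0]}.{version[1]} is not covered by the advisory"
    fixed_text = ".".join(map(str, fixed))
    if version >= fixed:
        return False, f"{version_text} is at or above fixed build {fixed_text}"
    if not tunneling_agent_running:
        # Affected build, but the vulnerable service is not exposed; still worth patching.
        return False, "affected build, but vCloud Tunneling Agent is not running"
    return True, f"affected build with Tunneling Agent running; upgrade to {fixed_text} or later"


if __name__ == "__main__":
    # Constructed sample input, not data from a real scan.
    for ver, agent in [("6.0.0.2", True), ("6.0.0.3", True), ("5.8.1.1", False), ("6.1.0", True)]:
        print(ver, agent, is_vulnerable(ver, agent))
```

The agent flag is a precondition for exposure, not a fix, so an affected build with the agent stopped is still reported with a reason that points at the missing upgrade.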

See also :

http://www.vmware.com/security/advisories/VMSA-2016-0005

Solution :

Upgrade to VMware vSphere Replication version 5.6.0.6 / 5.8.1.2 /
6.0.0.3 / 6.1.1 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Misc.

Nessus Plugin ID: 91457

Bugtraq ID:

CVE ID: CVE-2016-3427
