This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote host is a virtualization appliance that is affected by a
remote code execution vulnerability.
The VMware vSphere Replication running on the remote host is version
5.6.x prior to 188.8.131.52, 5.8.x prior to 184.108.40.206, 6.0.x prior to
220.127.116.11, or 6.1.x prior to 6.1.1. It is, therefore, affected by a
remote code execution vulnerability in the Oracle JRE JMX component
due to a flaw related to the deserialization of authentication
credentials. An unauthenticated, remote attacker can exploit this to
execute arbitrary code.
Note that vSphere Replication is only affected if its vCloud Tunneling
Agent is running, and it is not enabled by default.
See also :
Upgrade to VMware vSphere Replication version 18.104.22.168 / 22.214.171.124 /
126.96.36.199 / 6.1.1 or later.
Risk factor :
Critical / CVSS Base Score : 10.0