This script is Copyright (C) 2016 Tenable Network Security, Inc.
A virtualization appliance installed on the remote host is affected by
a remote code execution vulnerability.
The version of VMware vCloud Director installed on the remote host is
5.5.x prior to 220.127.116.11, 5.6.x prior to 18.104.22.168, or 8.0.x prior to
22.214.171.124. It is, therefore, affected by a flaw in the bundled Oracle
JRE JMX subcomponent due to deserializing any class when deserializing
authentication credentials. An unauthenticated, remote attacker can
exploit this to execute arbitrary code.
See also :
Upgrade to VMware vCloud Director version 126.96.36.199 / 188.8.131.52 / 184.108.40.206
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false