VMware vCenter Java JMX Server Insecure Configuration Java Code Execution Vulnerability
Publish date: 12 de octubre de 2016
Gravedad: Crítico
Descripción
VMware vCenter Server contains a remotely accessible JMX RMI service that is not securely configured. An unauthenticated remote attacker that is able to connect to the service may be able use it to execute arbitrary code on the vCenter server. By exploiting known methods, it is possible to remotely load an MLet file from an attacker controlled web server that points at a jar file.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1007116