CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6934

Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 83.4%

CVSS Severity

CVSS v3 Score 7.3

CVSS v2 Score 7.5

References

Products affected by CVE-2015-6934

Vmware » Vcenter Orchestrator » Version: 5.5

cpe:2.3:a:vmware:vcenter_orchestrator:5.5
Vmware » Vcenter Orchestrator » Version: 5.5.1

cpe:2.3:a:vmware:vcenter_orchestrator:5.5.1
Vmware » Vcenter Orchestrator » Version: 5.5.2

cpe:2.3:a:vmware:vcenter_orchestrator:5.5.2
Vmware » Vcenter Orchestrator » Version: 5.5.2.1

cpe:2.3:a:vmware:vcenter_orchestrator:5.5.2.1
Vmware » Vrealize Orchestrator » Version: 6.0.1

cpe:2.3:a:vmware:vrealize_orchestrator:6.0.1
Vmware » Vrealize Orchestrator » Version: 6.0.2

cpe:2.3:a:vmware:vrealize_orchestrator:6.0.2
Vmware » Vrealize Orchestrator » Version: 6.0.3

cpe:2.3:a:vmware:vrealize_orchestrator:6.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6934

Products

Pricing

Contact Us