Remote Code Execution via Serialized Java Object in SolarWinds Virtualization Manager
CVE-2016-3642 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Learn more about our Cis Benchmark Audit For Apache Http Server.