CVE-2017-4947

Summary

VMware vRealize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3) contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance.

Affected Software

VendorProductVersion RangeStatus
VMwarevRealize Automation7.3 and 7.2affected
VMwarevSphere Integrated Containers1.x before 1.3affected

Weaknesses

  • Deserialization vulnerability via Xenon

ADP Enrichment

CVE Program Container

Additional References

References