Solarwinds Virtualization Manager Java JMX-RMI Remote Code Execution Exploit

The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2016-3642
Product Version: 
37
Released Date: 
Wednesday, June 29, 2016 - 19:00