Описание
Eclipse GlassFish is vulnerable to Login Brute Force attacks through unlimited failed login attempts
In Eclipse GlassFish version 7.0.16 or earlier, it is possible to perform login brute force attacks as there is no limitation on the number of failed login attempts.
Пакеты
Наименование
org.glassfish.main.admingui:console-common
maven
Затронутые версииВерсия исправления
<= 7.0.25
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
7 месяцев назад
In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts.