Описание
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [code not present]] |
| precise/esm | DNE | |
| trusty | not-affected | code not present |
| trusty/esm | DNE | trusty was not-affected [code not present] |
| upstream | needs-triage | |
| vivid/ubuntu-core | DNE | |
| xenial | not-affected | code not present |
| yakkety | not-affected | code not present |
Показывать по
EPSS
5 Medium
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface.
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulne ...
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface.
EPSS
5 Medium
CVSS2
9.8 Critical
CVSS3