← volver
CVE-2023-5763

Glassfish remote code execution

CVSS 6.8 MEDIUMEPSS 0.7%CWE-20CWE-913
In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Productos afectados
Eclipse Foundation · Glassfish

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://gitlab.eclipse.org/security/cve-assignement/-/issues/14https://glassfish.org/docs/latest/security-guide.html#securing-glassfish-server