漏洞类别:CGI
漏洞等级: 
漏洞信息
Oracle GlassFish Server Open Source Edition is an open source application server.
Oracle GlassFish Server Open Source Edition is exposed to following vulnerablities:
1) An unauthenticated local file inclusion vulnerability that can be used to expose system sensitive information.
2) Java Key Store Password Disclosure vulnerability that can allow a remote attacker to obtain administrative privileged access to the web interface of the affected device.
Affected Products:
Oracle GlassFish Server Open Source Edition Version 3.0.1build 22 is confirmed vulnerable. Other versions might also be affected.
漏洞危害
Successfully exploiting these vulnerabilities might allow a remote unauthenticated attacker to gain system sensitive information and gain administrative privileges.
解决方案
There are no vendor-supplied patches available at this time.
0day
文章评论