Unspecified Vulnerability in Oracle GlassFish Server Affects Oracle Fusion Middleware
CVE-2016-3608

5.8MEDIUM

Key Information:

Vendor
Oracle
Status
Glassfish Server
Vendor
CVE Published:
21 July 2016

Summary

An unspecified vulnerability exists in the Oracle GlassFish Server component of Oracle Fusion Middleware 3.0.1, which may allow remote attackers to compromise the confidentiality of information through various vectors linked to the Administration interface. This vulnerability underscores the importance of securing administrative features and ensuring that access controls are rigorously enforced to prevent unauthorized access.

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1036371
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/92031
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.