Remote Vulnerability in Oracle GlassFish Server Affects Oracle Fusion Middleware
CVE-2016-5477

5.8MEDIUM

Key Information:

Vendor
Oracle
Status
Glassfish Server
Vendor
CVE Published:
21 July 2016

Summary

The vulnerability in Oracle GlassFish Server, part of Oracle Fusion Middleware versions 2.1.1 and 3.0.1, allows remote attackers to potentially compromise data confidentiality through vectors related to the Administration interface. This issue highlights the importance of securing administrative access to protect sensitive information from unauthorized access.

References

http://www.securityfocus.com/bid/92032
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1036371
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.