Unauthenticated Access Vulnerability in Oracle GlassFish Server by Oracle
CVE-2018-3210
5.3MEDIUM
Summary
A vulnerability exists within the Oracle GlassFish Server component of Oracle Fusion Middleware, specifically in the Java Server Faces subcomponent. This security flaw enables an unauthenticated attacker to exploit network access via HTTP, potentially compromising the confidentiality of data stored on the server. The affected version, 3.1.2, poses a risk as it allows unauthorized access to certain data, which could lead to significant information exposure.
Affected Version(s)
GlassFish Server 3.1.2
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved