Vulnerability CVE-2011-0807


Published: 2011-04-19   Modified: 2012-02-13

Description:
Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration.

See advisories in our WLB2 database:
Topic
Author
Date
High
Sun/Oracle GlassFish Server Authenticated Code Execution
metasploit
08.08.2011

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
SUN -> Java system application server 
Oracle -> Glassfish server 

 References:
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
http://securityreason.com/securityalert/8327

Copyright 2021, cxsecurity.com

 

Back to Top