| |
Vulnerability CVE-2017-1000029
Published: 2017-07-17
Description: |
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication. |
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
5/10 |
2.9/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-011/?fid=8037
|
|
|
Copyright 2024, cxsecurity.com
|
|
|