PT-2016-6470 · Oracle · Oracle Glassfish Server

Publicado

2016-07-21

Atualizado

2017-09-01

CVE-2016-5477

CVSS v3.1

5.8

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle GlassFish Server versions 2.1.1 and 3.0.1

Description The issue affects confidentiality and can be exploited by remote attackers through vectors related to Administration in the Oracle GlassFish Server component of Oracle Fusion Middleware.

Recommendations For Oracle GlassFish Server version 2.1.1, update to a version that addresses this issue. For Oracle GlassFish Server version 3.0.1, update to a version that addresses this issue. As a temporary workaround, consider restricting access to the Administration component until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2016-5477

Produtos afetados

Oracle Glassfish Server

PT-2016-6470 · Oracle · Oracle Glassfish Server

CVE-2016-5477

Identificadores relacionados

Produtos afetados

Referências · 6