PT-2025-29719 · Eclipse · Eclipse Glassfish

Claudia Bartolini

Published

2025-07-16

Updated

2025-07-21

CVE-2024-9342

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Eclipse GlassFish versions 7.0.16 and earlier

Description Eclipse GlassFish is susceptible to login brute-force attacks due to the absence of restrictions on the number of failed login attempts.

Recommendations Apply a configuration to limit the number of failed login attempts.

Fix

Improper Restriction of Excessive Authentication Attempts

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-307

Related Identifiers

CVE-2024-9342

GHSA-99F7-HP6J-V6Q4

Affected Products

Eclipse Glassfish

PT-2025-29719 · Eclipse · Eclipse Glassfish

CVE-2024-9342

Weakness Enumeration

Related Identifiers

Affected Products

References · 9