Known Vulnerabilities for Glassfish Server by Oracle
Listed below are 10 of the newest known vulnerabilities associated with "Glassfish Server" by "Oracle".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3314 | ** UNSUPPORTED WHEN ASSIGNED ** Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A mali... | 6.1 - MEDIUM | 2021-06-25 | 2023-11-07 |
| CVE-2018-14324 | The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for t... | 9.8 - CRITICAL | 2018-07-16 | 2019-05-20 |
| CVE-2018-3210 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The sup... | 5.3 - MEDIUM | 2018-10-17 | 2019-10-03 |
| CVE-2018-3152 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). The suppor... | 7.5 - HIGH | 2018-10-17 | 2019-10-03 |
| CVE-2018-2911 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The sup... | 8.3 - HIGH | 2018-10-17 | 2019-10-03 |
| CVE-2017-3626 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The sup... | 3.1 - LOW | 2017-04-24 | 2019-10-03 |
| CVE-2017-3250 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versio... | 7.3 - HIGH | 2017-01-27 | 2017-01-31 |
| CVE-2017-3249 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versio... | 7.3 - HIGH | 2017-01-27 | 2017-01-31 |
| CVE-2017-3247 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core). Supported versions t... | 4.3 - MEDIUM | 2017-01-27 | 2019-10-03 |
| CVE-2017-3239 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported ... | 3.3 - LOW | 2017-01-27 | 2017-01-31 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oracle | Glassfish Server | 5.0 | All | All | All |
| Application | Oracle | Glassfish Server | 4.1 | All | All | All |
| Application | Oracle | Glassfish Server | 3_prelude | All | All | All |
| Application | Oracle | Glassfish Server | 3.1.2 | All | All | All |
| Application | Oracle | Glassfish Server | 3.1.1 | All | All | All |
| Application | Oracle | Glassfish Server | 3.1 | All | All | All |
| Application | Oracle | Glassfish Server | 3.0.1 | All | All | All |
| Application | Oracle | Glassfish Server | 3.0.1 | All | All | All |
| Application | Oracle | Glassfish Server | 3.0 | All | All | All |
| Application | Oracle | Glassfish Server | 2.1.1 | All | All | All |
| Application | Oracle | Glassfish Server | 2.1 | All | All | All |
| Application | Oracle | Glassfish Server | 2.0 | All | All | All |
| Application | Oracle | Glassfish Server | 2 | ur2 | All | All |
| Application | Oracle | Glassfish Server | 2 | ur1 | All | All |
| Application | Oracle | Glassfish Server | 1.0 | All | All | All |
| Application | Oracle | Glassfish Server | 1.0 | ur1_po1 | All | All |
| Application | Oracle | Glassfish Server | 1.0 | ur1 | All | All |