Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface.
References
Link | Resource |
---|---|
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-011/?fid=8037 | Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-07-13T20:00:00
Updated: 2017-07-13T19:57:01
Reserved: 2017-07-10T00:00:00
Link: CVE-2017-1000030
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-07-17T13:18:16.907
Modified: 2017-07-21T15:54:51.737
Link: CVE-2017-1000030
JSON object: View
Redhat Information
No data.
CWE