Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-0807

4 documents4 sources
Severity
10.0CRITICAL
EPSS
87.5%
top 0.54%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Oracle Glassfish ServerSUN Java System Application Server
Timeline
PublishedApr 20
Latest updateMay 17

Description

Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDoracle/glassfish_server2.1, 2.1.1, 3.0.1+2

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-v6gw-xw3f-59f9: Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 22022-05-17
CVEList
CVE-2011-0807: Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 22011-04-20

💥Exploits & PoCs

1
Exploit-DB
Sun/Oracle GlassFish Server - (Authenticated) Code Execution (Metasploit)2011-08-05
CVE-2011-0807 (CRITICAL CVSS 10) | Unspecified vulnerability in Oracle | cvebase.io