Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-2260

6 documents6 sources
Severity
5.8MEDIUM
EPSS
40.5%
top 2.65%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Oracle SUN Products Suite
Timeline
PublishedJul 20
Latest updateMay 17

Description

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

2
GHSA
GHSA-3f5f-g8gg-c73f: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2↗2022-05-17
â–¶
CVEList
CVE-2011-2260: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2↗2011-07-20
â–¶

💥Exploits & PoCs

1
Exploit-DB
Oracle Sun GlassFish Enterprise Server - Persistent Cross-Site Scripting↗2011-07-20
â–¶

📋Vendor Advisories

1
Red Hat
glassfish: Unspecified vulnerability affecting confidentiality and integrity via unspecified vectors↗2011-07-19
â–¶

💬Community

1
Bugzilla
CVE-2011-1511, CVE-2011-2260 glassfish: Unspecified vulnerability affecting confidentiality and integrity via unspecified vectors↗2011-10-10
â–¶
CVE-2011-2260 (MEDIUM CVSS 5.8) | Unspecified vulnerability in the Or | cvebase.io