Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-0550

4 documents4 sources

Severity

6.8MEDIUM

EPSS

15.6%

top 5.31%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Oracle Glassfish Server

Timeline

PublishedMay 3

Latest updateMay 4

Description

Unspecified vulnerability in the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Container.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDoracle/glassfish_server3.1.1

🔴Vulnerability Details

GHSA

GHSA-f82c-h7j4-72fj: Unspecified vulnerability in the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3↗2022-05-04

▶

CVEList

CVE-2012-0550: Unspecified vulnerability in the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3↗2012-05-03

▶

💥Exploits & PoCs

Exploit-DB

Oracle GlassFish Server - REST Cross-Site Request Forgery↗2012-04-22

▶