Vulnerabilites related to Eclipse Foundation - Glassfish
CVE-2023-5763 (GCVE-0-2023-5763)
Vulnerability from cvelistv5
Published
2023-11-03 06:40
Modified
2024-09-05 19:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Glassfish |
Version: 6.0.0 ≤ 6.2.5 Version: 5.0 ≤ 5.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://glassfish.org/docs/latest/security-guide.html#securing-glassfish-server"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/14"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5763",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T18:52:07.586018Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:04:31.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Glassfish",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "6.2.5",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.1",
"status": "affected",
"version": "5.0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Running with older versions of the JDK (lower than 6u211, or \u0026lt; 7u201, or \u0026lt; 8u191)\u003cbr\u003e"
}
],
"value": "Running with older versions of the JDK (lower than 6u211, or \u003c 7u201, or \u003c 8u191)\n"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "tr1ple kurosel (AntGroup FG)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or \u0026lt; 7u201, or \u0026lt; 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.\u003cbr\u003e"
}
],
"value": "In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or \u003c 7u201, or \u003c 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63: Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-03T06:40:43.441Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://glassfish.org/docs/latest/security-guide.html#securing-glassfish-server"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/14"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Glassfish remote code execution",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2023-5763",
"datePublished": "2023-11-03T06:40:43.441Z",
"dateReserved": "2023-10-25T04:59:21.006Z",
"dateUpdated": "2024-09-05T19:04:31.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9329 (GCVE-0-2024-9329)
Vulnerability from cvelistv5
Published
2024-09-30 07:11
Modified
2024-10-07 15:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-233 - Improper Handling of Parameters
Summary
In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is '/management/domain'. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Glassfish |
Version: 5.1.0 ≤ 7.0.16 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:eclipse_foundation:glassfish:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "glassfish",
"vendor": "eclipse_foundation",
"versions": [
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "5.1.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9329",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T17:02:00.550829Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T17:03:26.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-10-07T15:59:12.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Glassfish",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "5.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marco Ventura (redteam https://www.gruppotim.it/it/footer/red-team.html)"
},
{
"lang": "en",
"type": "finder",
"value": "Claudia Bartolini (redteam https://www.gruppotim.it/it/footer/red-team.html)"
},
{
"lang": "en",
"type": "finder",
"value": "Andrea Carlo Maria Dattola (redteam https://www.gruppotim.it/it/footer/red-team.html)"
},
{
"lang": "en",
"type": "finder",
"value": "Debora Esposito (redteam https://www.gruppotim.it/it/footer/red-team.html)"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli (redteam https://www.gruppotim.it/it/footer/red-team.html)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is \u0027/management/domain\u0027. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.\u003cbr\u003e"
}
],
"value": "In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is \u0027/management/domain\u0027. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233 Improper Handling of Parameters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T07:11:53.688Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/eclipse-ee4j/glassfish/pull/25106"
},
{
"tags": [
"issue-tracking"
],
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/232"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Glassfish redirect to untrusted site",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-9329",
"datePublished": "2024-09-30T07:11:53.688Z",
"dateReserved": "2024-09-29T16:38:56.846Z",
"dateUpdated": "2024-10-07T15:59:12.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}