Vulnerabilities > Oracle > Glassfish Server > 3.0.1

DATE CVE VULNERABILITY TITLE RISK
2021-06-25 CVE-2021-3314 Cross-site Scripting vulnerability in Oracle Glassfish Server
Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS.
network
low complexity
oracle CWE-79
6.1
6.1
2017-10-19 CVE-2017-10393 Unspecified vulnerability in Oracle Glassfish Server 3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container).
network
low complexity
oracle
6.3
6.3
2017-10-19 CVE-2017-10391 Unspecified vulnerability in Oracle Glassfish Server 3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration).
network
low complexity
oracle
7.3
7.3
2017-10-19 CVE-2017-10385 Unspecified vulnerability in Oracle Glassfish Server 3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container).
network
low complexity
oracle
6.3
6.3
2017-07-17 CVE-2017-1000030 Improper Authentication vulnerability in Oracle Glassfish Server 3.0.1
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface.
network
low complexity
oracle CWE-287
critical
 9.8
9.8
2017-07-17 CVE-2017-1000029 Information Exposure vulnerability in Oracle Glassfish Server 3.0.1
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.
network
low complexity
oracle CWE-200
7.5
7.5
2017-01-27 CVE-2017-3250 Information Exposure vulnerability in Oracle Glassfish Server 2.1.1/3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security).
network
low complexity
oracle CWE-200
7.3
7.3
2017-01-27 CVE-2017-3249 Unspecified vulnerability in Oracle Glassfish Server 2.1.1/3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security).
network
low complexity
oracle
7.3
7.3
2017-01-27 CVE-2017-3247 Unspecified vulnerability in Oracle Glassfish Server 2.1.1/3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core).
network
low complexity
oracle
4.3
4.3
2017-01-27 CVE-2017-3239 Information Exposure vulnerability in Oracle Glassfish Server 3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration).
local
low complexity
oracle CWE-200
3.3
3.3