CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-5763

In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.3%

CVSS Severity

CVSS v3 Score 6.8

References

https://gitlab.eclipse.org/security/cve-assignement/-/issues/14
https://glassfish.org/docs/latest/security-guide.html#securing-glassfish-server
https://gitlab.eclipse.org/security/cve-assignement/-/issues/14
https://glassfish.org/docs/latest/security-guide.html#securing-glassfish-server

Products affected by CVE-2023-5763

Eclipse » Glassfish » Version: 5.1.0

cpe:2.3:a:eclipse:glassfish:5.1.0
Eclipse » Glassfish » Version: 6.0.0

cpe:2.3:a:eclipse:glassfish:6.0.0
Eclipse » Glassfish » Version: 6.2.5

cpe:2.3:a:eclipse:glassfish:6.2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5763

Products

Pricing

Contact Us