Vulnerability Details CVE-2024-9342
In Eclipse GlassFish versions before 8.0.3 it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts. GlassFish 8.0.3 adds automatic attack protection documented in https://glassfish.org/docs/latest/security-guide.html#brute-force-attack-protection .
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 32.0%
CVSS Severity
CVSS v3 Score 9.8