CVE-2023-5763

CVSS V2 None CVSS V3 None

Description

In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.

Overview

CVE ID
CVE-2023-5763

Assigner
eclipse

Vulnerability Status
PUBLISHED

Published Version
2023-11-03T06:40:43.441Z

Last Modified Date
2023-11-03T06:40:43.441Z

Weakness Enumerations

CWE	URL
CWE-913	http://cwe.mitre.org/data/definitions/913.html
CWE-20	http://cwe.mitre.org/data/definitions/20.html

References

Reference URL	Reference Tags
https://glassfish.org/docs/latest/security-guide.html#securing-glassfish-server
https://gitlab.eclipse.org/security/cve-assignement/-/issues/14

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-5763
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5763

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 05:46:01				Added to TrackCVE