Skip to content

Commit ff601de

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-99f7-hp6j-v6q4 GHSA-99f7-hp6j-v6q4
1 parent a597275 commit ff601de

File tree

2 files changed

+65
-40
lines changed

2 files changed

+65
-40
lines changed

advisories/github-reviewed/2025/07/GHSA-99f7-hp6j-v6q4/GHSA-99f7-hp6j-v6q4.json

Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,65 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-99f7-hp6j-v6q4",
4+
"modified": "2025-07-18T17:23:26Z",
5+
"published": "2025-07-16T12:30:22Z",
6+
"aliases": [
7+
"CVE-2024-9342"
8+
],
9+
"summary": "Eclipse GlassFish is vulnerable to Login Brute Force attacks through unlimited failed login attempts",
10+
"details": "In Eclipse GlassFish version 7.0.16 or earlier, it is possible to perform login brute force attacks as there is no limitation on the number of failed login attempts.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V4",
14+
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Maven",
21+
"name": "org.glassfish.main.admingui:console-common"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"last_affected": "7.0.25"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "ADVISORY",
41+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9342"
42+
},
43+
{
44+
"type": "PACKAGE",
45+
"url": "https://github.com/eclipse-ee4j/glassfish"
46+
},
47+
{
48+
"type": "WEB",
49+
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/33"
50+
},
51+
{
52+
"type": "WEB",
53+
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/231"
54+
}
55+
],
56+
"database_specific": {
57+
"cwe_ids": [
58+
"CWE-307"
59+
],
60+
"severity": "MODERATE",
61+
"github_reviewed": true,
62+
"github_reviewed_at": "2025-07-18T17:23:26Z",
63+
"nvd_published_at": "2025-07-16T11:15:23Z"
64+
}
65+
}

advisories/unreviewed/2025/07/GHSA-99f7-hp6j-v6q4/GHSA-99f7-hp6j-v6q4.json

Lines changed: 0 additions & 40 deletions
This file was deleted.

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy