Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2018-14324HistoryJul 16, 2018 - 6:29 p.m.
CVE-2018-14324
2018-07-1618:29:00
Debian Security Bug Tracker
security-tracker.debian.org
10
0.001 Low
EPSS
Percentile
48.5%
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote attackers to obtain potentially sensitive information, perform database operations, or manipulate the demo via a JMX RMI session, aka a “jmx_rmi remote monitoring and control problem.” NOTE: this is not an Oracle supported product.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | glassfish | < 1:2.1.1-b31g+dfsg1-4 | glassfish_1:2.1.1-b31g+dfsg1-4_all.deb |
Related
nvd
nvd
CVE-2018-14324
2018-07-16 18:29:00
prion
prion
Design/Logic Flaw
2018-07-16 18:29:00
openvas
openvas
Oracle GlassFish Open Source 5.0 Demo Feature Default Credentials
2018-07-17 00:00:00
cvelist
cvelist
CVE-2018-14324
2018-07-16 18:00:00
cve
cve
CVE-2018-14324
2018-07-16 18:29:00
ubuntucve
ubuntucve
CVE-2018-14324
2018-07-16 00:00:00