EUVD-2023-2849

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Remote code execution via insecure ORB listeners in Eclipse Glassfish with old JDK versions

Reporter	Title	Published	Views	Family All 12
CNNVD	Eclipse Glassfish Security Vulnerability	3 Nov 202300:00	–	cnnvd
CVE	CVE-2023-5763	3 Nov 202306:40	–	cve
Cvelist	CVE-2023-5763 Glassfish remote code execution	3 Nov 202306:40	–	cvelist
Github Security Blog	Eclipse Glassfish remote code execution issue	3 Nov 202309:32	–	github
NVD	CVE-2023-5763	3 Nov 202307:15	–	nvd
OSV	GHSA-2MW4-WJ8C-7F93 Eclipse Glassfish remote code execution issue	3 Nov 202309:32	–	osv
Prion	Code injection	3 Nov 202307:15	–	prion
Positive Technologies	PT-2023-7311 · Oracle +1 · Jdk +1	25 Oct 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-5763	23 May 202505:06	–	redhatcve
Veracode	Remote Code Execution (RCE)	6 Nov 202307:07	–	veracode

[
  {
    "enisaIdVendor": [
      {
        "id": "6d85a6c7-ce4a-3a2a-931e-59c15c62d4d1",
        "vendor": {
          "name": "Eclipse Foundation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0f632531-cafe-3d12-9be6-28d8938c099a",
        "product": {
          "name": "Glassfish"
        },
        "product_version": "5.0 ≤5.1"
      },
      {
        "id": "659ddf97-bc89-3b16-86ad-7c98ebbcca17",
        "product": {
          "name": "Glassfish"
        },
        "product_version": "6.0.0 ≤6.2.5"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-5763
gitlab	www.gitlab.eclipse.org/security/cve-assignement/-/issues/14
glassfish	www.glassfish.org/docs/latest/security-guide.html

03 Oct 2025 20:07Current

9.2High risk

Vulners AI Score9.2

CVSS 3.16.8 - 9.8

EPSS0.00154

SSVC