CVE-2017-1000028

CVE-2017-1000028

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.

Published Jul 18, 2017

trustwave.com PR #21972

CVSS ScoreHigh

7.5

Vulnerabilities

CVE-2017-1000028

Published Jul 18, 2017

trustwave.com PR #21972

CVSS ScoreHigh

7.5

CVE-2017-1000028 Security Details

CVE ID: CVE-2017-1000028
CWE: CWE-22
CVE Description: Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
Published: Jul 18, 2017
CVSS Score & Severity: 7.5High
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score: 94.123%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: trustwave.comATTACK
GitHub · PR #21972THIRD_PARTY

CVE-2017-1000028 Security Details

CVE ID: CVE-2017-1000028
CWE: CWE-22
CVE Description: Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
Published: Jul 18, 2017
CVSS Score & Severity: 7.5High
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score: 94.123%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: trustwave.comATTACK
GitHub · PR #21972THIRD_PARTY

Find vulnerabilities. Fix fast with AI.

CVE-2017-1000028

CVE-2017-1000028 Security Details

CVE-2017-1000028 Security Details