CVE-2023-5763 — MEDIUM (6.8)

Q: How severe is CVE-2023-5763?

CVE-2023-5763 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-5763?

Check the references section above for vendor advisories and patch information. Affected products include: Eclipse Glassfish.

Vulnerability Description

In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Eclipse	Glassfish	>= 5.0.0, <= 6.2.5

Related Weaknesses (CWE)

CWE-20 CWE-913

References

https://gitlab.eclipse.org/security/cve-assignement/-/issues/14Issue TrackingVendor Advisory
https://glassfish.org/docs/latest/security-guide.html#securing-glassfish-serverProduct
https://gitlab.eclipse.org/security/cve-assignement/-/issues/14Issue TrackingVendor Advisory
https://glassfish.org/docs/latest/security-guide.html#securing-glassfish-serverProduct

FAQ

What is CVE-2023-5763?

CVE-2023-5763 is a vulnerability with a CVSS score of 6.8 (MEDIUM). In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listen...

How severe is CVE-2023-5763?

CVE-2023-5763 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-5763?

Check the references section above for vendor advisories and patch information. Affected products include: Eclipse Glassfish.