CVE-2024-9342
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-16
Last updated on: 2025-07-16
Assigner: Eclipse Foundation
Description
Description
In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| eclipse | glassfish | 7.0.16 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-307 | The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Eclipse GlassFish version 7.0.16 or earlier allows an attacker to perform Login Brute Force attacks because there is no limitation on the number of failed login attempts.
How can this vulnerability impact me? :
The vulnerability can allow attackers to repeatedly attempt to guess login credentials without restriction, potentially leading to unauthorized access if valid credentials are discovered.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70