CVE-2017-1000029: Infoleak
First published: Thu Jul 13 2017(Updated: )
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle GlassFish Enterprise Server | =3.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-1000029?
CVE-2017-1000029 has a high severity rating due to its potential for local file inclusion leading to arbitrary file access on the server.
How do I fix CVE-2017-1000029?
To fix CVE-2017-1000029, you should upgrade Oracle GlassFish Server to a version that does not contain this vulnerability.
Who is affected by CVE-2017-1000029?
CVE-2017-1000029 affects users of Oracle GlassFish Server Open Source Edition 3.0.1.
What type of vulnerability is CVE-2017-1000029?
CVE-2017-1000029 is classified as a Local File Inclusion vulnerability.
Can CVE-2017-1000029 be exploited remotely?
Yes, CVE-2017-1000029 can be exploited without any prior authentication, allowing remote attackers to execute malicious actions.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/oracle
- canonical/oracle glassfish enterprise server
- version/oracle glassfish enterprise server/3.0.1