Vulnerability
In Oracle GlassFish Server Open Source Edition 4.1 the Administration Console is listening by default on port 4848/TCP, and is prone to a directory traversal vulnerability. This vulnerability can be exploited by issuing a specially crafted HTTP GET request.
Impact
This vulnerability can be exploited by remote attackers to access sensitive data on the server being authenticated.
Mitigation / Precaution
We recommend you to update GlassFish Server to the latest version.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
