CVE-2024-9342

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.4%

EPSS Percentile

32th

In Eclipse GlassFish versions before 8.0.3 it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts. GlassFish 8.0.3 adds automatic attack protection documented in https://glassfish.org/docs/latest/security-guide.html#brute-force-attack-protection .

CWE	CWE-307
Vendor	eclipse foundation
Product	eclipse glassfish
Published	Jul 16, 2025
Last Updated	Jun 18, 2026

Stay Ahead of the Next One

Get instant alerts for eclipse foundation eclipse glassfish

Be the first to know when new unknown vulnerabilities affecting eclipse foundation eclipse glassfish are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Eclipse Foundation / Eclipse Glassfish

5.1.0 6.0.0 ≤ 6.2.5 7.0.0 ≤ 7.0.25 7.1.0 8.0.0 < 8.0.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

gitlab.eclipse.org: https://gitlab.eclipse.org/security/cve-assignement/-/issues/33

Credits

🔍 Marco Ventura 🔍 Claudia Bartolini 🔍 Andrea Carlo Maria Dattola 🔍 Debora Esposito 🔍 Massimiliano Brolli