Platform: java
Component: org.glassfish.main.admingui:console-common
Fixed in: 6.2.6
CVE-2024-9408 describes a Server Side Request Forgery (SSRF) vulnerability discovered in Eclipse GlassFish. This flaw allows attackers to manipulate the application into making requests to unintended internal or external resources, potentially leading to data exposure or further exploitation. The vulnerability impacts GlassFish versions 6.2.5 and earlier, and a fix is available in version 6.2.6.
The SSRF vulnerability in GlassFish allows an attacker to craft malicious requests that the server will execute on behalf of the attacker. This can be used to scan internal networks, access sensitive data stored within the GlassFish environment (such as configuration files or database credentials), or even interact with other internal services. Successful exploitation could lead to unauthorized access to internal resources, data breaches, and potentially a foothold for further attacks within the network. While direct remote code execution is unlikely, the ability to interact with internal services through SSRF can be a significant risk, especially in environments with poorly secured internal systems.
CVE-2024-9408 was published on 2025-07-16. There is currently no indication of active exploitation in the wild. No public proof-of-concept (PoC) code has been released. The vulnerability is not currently listed on the CISA KEV catalog. The SSRF vulnerability type is commonly exploited, and while no immediate exploitation is observed, it remains a potential risk.
Organizations running GlassFish version 6.2.5 or earlier, particularly those with sensitive data stored within the GlassFish environment or exposed through internal services, are at risk. Shared hosting environments utilizing GlassFish are also vulnerable, as they may lack the ability to independently patch the underlying server software.
• java / server: Monitor GlassFish server logs for unusual outbound requests, particularly those targeting internal IP addresses or sensitive endpoints. Use network monitoring tools to detect suspicious traffic originating from the GlassFish server.
  journalctl -u glassfish | grep -i "request to"
• generic web: Use a web application firewall (WAF) to filter outbound requests and block those that appear malicious. Configure the WAF to inspect HTTP headers and request bodies for suspicious patterns.
• generic web: Check access logs for requests to unusual or unexpected internal endpoints.
• generic web: Examine response headers for signs of SSRF exploitation, such as redirects to internal resources.
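The first detection bullet above asks for outbound requests that target internal address space. The following script is an added example (not GlassFish code and not part of this advisory) that applies that check to a constructed log format of the form `<timestamp> outbound <method> <url>`; the sample lines, the format, and the 4848 port are assumptions for illustration. It classifies literal IP hosts only, including hex or decimal encodings of an address, and deliberately leaves hostnames alone because deciding on them requires DNS resolution, which an offline log scan should not perform.

```python
"""Flag outbound requests from an application server that target internal address space.

Added example for this advisory; not GlassFish code. The log format below is
constructed: one line per outbound request, "<timestamp> outbound <method> <url>".
"""
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample lines resembling what an egress proxy or application log might record.
SAMPLE_LOG = """\
2025-07-16T10:00:01Z outbound GET https://updates.example.com/feed.xml
2025-07-16T10:00:05Z outbound GET http://127.0.0.1:4848/internal/status
2025-07-16T10:00:09Z outbound GET http://169.254.169.254/latest/meta-data/
2025-07-16T10:00:12Z outbound POST http://10.0.3.7:8080/internal/api
2025-07-16T10:00:15Z outbound GET http://[::1]:4848/internal/status
2025-07-16T10:00:20Z outbound GET http://0x7f000001/
2025-07-16T10:00:25Z outbound GET https://cdn.example.net/lib.js
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) outbound (?P<method>[A-Z]+) (?P<url>\S+)$")


def host_is_internal(host):
    """Return True if host is a literal IP address in non-public space.

    Hostnames return False here: deciding on them needs DNS resolution,
    which this offline log scan deliberately does not perform.
    """
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # int(host, 0) accepts hex/octal/binary/decimal forms such as 0x7f000001
        # or 2130706433, which ipaddress itself rejects as strings.
        try:
            ip = ipaddress.ip_address(int(host, 0))
        except (ValueError, OverflowError):
            return False
    # is_global is False for private, loopback, link-local and reserved ranges.
    return not ip.is_global


def find_internal_requests(log_text):
    """Return (timestamp, method, url) for every outbound request to internal space."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not outbound-request records
        host = urlsplit(m["url"]).hostname
        if host and host_is_internal(host):
            hits.append((m["ts"], m["method"], m["url"]))
    return hits


if __name__ == "__main__":
    for ts, method, url in find_internal_requests(SAMPLE_LOG):
        print(f"{ts} internal target: {method} {url}")
```

Run on the constructed sample it reports five of the seven lines: the loopback, link-local metadata, RFC 1918, IPv6 loopback and hex-encoded loopback targets, while the two public hostnames are left to a separate DNS-aware check.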
Disclosure
Exploit status
EPSS: 0.07% (22nd percentile)
CISA SSVC
The primary mitigation for CVE-2024-9408 is to upgrade to GlassFish version 6.2.6 or later, which includes the necessary fix. If upgrading immediately is not possible, consider implementing temporary workarounds. These may include restricting outbound network access from the GlassFish server using a firewall or proxy server, limiting the endpoints accessible through the admin console, and carefully reviewing and restricting any user-supplied input that could be used to construct malicious requests. After upgrading, confirm the fix by attempting to trigger the SSRF vulnerability using the previously identified attack vectors and verifying that the requests are now blocked or redirected.
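The workaround of "carefully reviewing and restricting any user-supplied input that could be used to construct malicious requests" amounts to validating a destination URL before the server fetches it. The following is an added example of such a check (not GlassFish or Eclipse code, and not the fix shipped in 6.2.6); the allowlisted hosts, the stand-in DNS table and the URLs are constructed. It enforces an HTTPS-only scheme, rejects credentials in the authority, matches the host against an allowlist, resolves it through an injectable resolver and refuses any answer that includes a non-public address, returning the resolved address so the caller can connect to exactly what was checked.

```python
"""Validate a user-supplied destination URL before a server-side fetch.

Added example for this advisory; not GlassFish or Eclipse code. Allowlist,
resolver table and URLs are constructed for illustration.
"""
import ipaddress
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"https"}
ALLOWED_HOSTS = {"updates.example.com", "api.example.org"}  # constructed allowlist

# Constructed stand-in for DNS so the example runs offline. A real deployment
# would call socket.getaddrinfo and connect to the returned (pinned) address
# rather than re-resolving, so the answer cannot change between check and use.
FAKE_DNS = {
    "updates.example.com": ["203.1.2.3"],
    "api.example.org": ["203.4.5.6", "10.0.0.9"],  # mixed public/private answer
}


def fake_resolver(host):
    return FAKE_DNS.get(host, [])


class UnsafeDestination(ValueError):
    """Raised when a destination fails any of the SSRF checks."""


def validate_destination(url, resolver=fake_resolver):
    """Return (host, pinned_ip) for an acceptable URL or raise UnsafeDestination.

    Checks, in order: scheme, credentials in the authority, host allowlist,
    and that every address the host resolves to is publicly routable.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise UnsafeDestination(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        # "user@host" forms let the text before '@' masquerade as the host.
        raise UnsafeDestination("credentials in URL are not allowed")
    host = parts.hostname or ""  # urlsplit already lowercases the host
    if host not in ALLOWED_HOSTS:
        raise UnsafeDestination(f"host not on allowlist: {host!r}")
    addrs = resolver(host)
    if not addrs:
        raise UnsafeDestination(f"host does not resolve: {host!r}")
    for addr in addrs:
        if not ipaddress.ip_address(addr).is_global:
            raise UnsafeDestination(f"{host} resolves to non-public address {addr}")
    # Hand back the address that was checked so the caller connects to it directly.
    return host, addrs[0]


def is_safe_destination(url, resolver=fake_resolver):
    """Boolean convenience wrapper around validate_destination."""
    try:
        validate_destination(url, resolver)
    except UnsafeDestination:
        return False
    return True


if __name__ == "__main__":
    for candidate in (
        "https://updates.example.com/feed.xml",
        "http://updates.example.com/feed.xml",
        "https://127.0.0.1:4848/",
        "https://api.example.org/v1",
    ):
        print(candidate, "->", "ok" if is_safe_destination(candidate) else "rejected")
```

The allowlist is the strongest of the four checks; the address check on the resolved answer is the one that still matters when a listed host's DNS is outside the operator's control, which is why the function returns the address it verified instead of leaving the HTTP client to resolve the name again.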
Update Eclipse GlassFish to a version later than 6.2.5 in which the Server Side Request Forgery (SSRF) vulnerability is fixed. Consult the release notes and security updates provided by the Eclipse Foundation for specific upgrade instructions.
CVE-2024-9408 is a Server Side Request Forgery vulnerability affecting GlassFish versions up to 6.2.5, allowing attackers to make requests on behalf of the server.
You are affected if you are running Eclipse GlassFish version 6.2.5 or earlier. Upgrade to 6.2.6 or later to mitigate the risk.
Upgrade to GlassFish version 6.2.6 or later. As a temporary workaround, restrict outbound network access and limit accessible endpoints.
There is currently no indication of active exploitation in the wild, but the vulnerability remains a potential risk.
Refer to the official Eclipse GlassFish security advisories for detailed information and updates: https://glassfish.org/security