Oracle GlassFish Server 2.1.1.x < 188.8.131.52 Information Disclosure (July 2016 CPU)
Medium Nessus Plugin ID 92464
SynopsisThe remote web server is affected by an information disclosure vulnerability.
DescriptionAccording to its self-reported version number, the Oracle GlassFish Server running on the remote host is 2.1.1.x prior to 184.108.40.206. It is, therefore, affected by an unspecified flaw in the Administration subcomponent that allows an unauthenticated, remote attacker to disclose sensitive information.
SolutionUpgrade to Oracle GlassFish Server version 220.127.116.11 or later as referenced in the July 2016 Oracle Critical Patch Update advisory.