CVE-2024-9408
Severity CVSS v4.0:
HIGH
Type:
CWE-918
Server-Side Request Forgery (SSRF)
Publication date:
16/07/2025
Last modified:
16/07/2025
Description
In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints.
Impact
Base Score 4.0
8.90
Severity 4.0
HIGH
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:eclipse:glassfish:6.2.5:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page



