Vulnerability Database

314,343

Total vulnerabilities in the database

CVE-2013-3827

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.

Published: Oct 16, 2013
Updated: Nov 9, 2025
CVE: CVE-2013-3827
GHSA: GHSA-q388-j7cw-ff7w
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
oracle / fusion_middleware	3.1.2	3.1.2.x
oracle / fusion_middleware	12.1.1	12.1.1.x
oracle / fusion_middleware	3.0.1	3.0.1.x
oracle / fusion_middleware	10.3.6	10.3.6.x
oracle / fusion_middleware	2.1.1	2.1.1.x
oracle / fusion_middleware	11.1.2.3.0	11.1.2.3.0.x
oracle / fusion_middleware	12.1.2.0.0	12.1.2.0.0.x
oracle / fusion_middleware	11.1.2.4.0	11.1.2.4.0.x
org.glassfish / javax.faces	2.0.0	2.1.19

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo