Security Vulnerability in Oracle GlassFish Server by Oracle
CVE-2017-3250
7.3HIGH
Summary
The vulnerability in Oracle GlassFish Server facilitates unauthenticated access, allowing attackers with network capabilities to exploit the server. Once compromised, attackers can perform unauthorized operations, such as modifying, inserting, or deleting data. The flaw also exposes sensitive data and enables the attacker to induce partial service disruption, impacting both data integrity and availability. Users of affected versions should assess their systems and apply necessary security patches to mitigate the risks associated with this vulnerability.
Affected Version(s)
GlassFish Server 2.1.1
GlassFish Server 3.0.1
GlassFish Server 3.1.2
References
CVSS V3.1
Score:
7.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved