CVE-2017-3250 in GlassFish Server
Summary
by MITRE
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle GlassFish Server accessible data as well as unauthorized read access to a subset of Oracle GlassFish Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GlassFish Server. CVSS v3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts).
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 05/15/2026
The vulnerability identified as CVE-2017-3250 represents a critical security flaw within Oracle GlassFish Server, specifically within the Security subcomponent of Oracle Fusion Middleware. This vulnerability affects multiple versions including 2.1.1, 3.0.1, and 3.1.2, making it a widespread concern for organizations utilizing these server implementations. The flaw manifests as an easily exploitable weakness that requires minimal prerequisites for exploitation, as attackers can initiate attacks from any network location without requiring authentication credentials. This characteristic significantly increases the attack surface and makes the vulnerability particularly dangerous in environments where network exposure is unavoidable.
The technical nature of this vulnerability stems from insufficient authentication and authorization mechanisms within the GlassFish Server's security framework. Attackers can leverage HTTP connections to exploit this weakness, bypassing normal security controls that should typically prevent unauthorized access to server resources. The vulnerability's classification as a CWE-287 (Improper Authentication) and its alignment with ATT&CK technique T1078 (Valid Accounts) demonstrates how this flaw enables attackers to escalate privileges and gain unauthorized access to sensitive server components. The attack vector requires only network connectivity via HTTP, making it accessible to attackers regardless of their physical location or direct system access.
The operational impact of CVE-2017-3250 extends across multiple security domains, creating significant risks for affected organizations. Successful exploitation allows attackers to perform unauthorized data modifications including updates, inserts, and deletions within accessible server data repositories. This data integrity compromise can lead to manipulation of critical business information, application configurations, or user data stored within the GlassFish environment. Additionally, the vulnerability enables unauthorized read access to sensitive data subsets, potentially exposing confidential information such as user credentials, business data, or system configurations. The partial denial of service capability further compounds the risk by allowing attackers to disrupt server operations and availability, impacting business continuity and service delivery. The CVSS v3.0 base score of 7.3 indicates a high-severity threat that requires immediate attention and remediation.
Organizations affected by this vulnerability should implement immediate mitigations to protect their GlassFish Server deployments. The primary recommended action involves applying Oracle's security patches and updates released specifically to address this vulnerability. Network-level protections such as firewall restrictions, access control lists, and limiting HTTP exposure can provide temporary mitigation while permanent fixes are implemented. Security monitoring should be enhanced to detect suspicious HTTP traffic patterns and unauthorized access attempts. Additionally, organizations should conduct comprehensive security assessments to identify all GlassFish Server instances and verify their patch status. The implementation of network segmentation and principle of least privilege access controls can help reduce the potential impact if exploitation occurs. Regular security audits and vulnerability scanning should be conducted to ensure ongoing protection against similar threats and to maintain compliance with industry standards such as those outlined in the OWASP Top Ten and NIST cybersecurity frameworks.