CVE-2017-3247 in GlassFish Serverinfo

Zusammenfassung (Englisch)

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMTP to compromise Oracle GlassFish Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle GlassFish Server accessible data. CVSS v3.0 Base Score 4.3 (Integrity impacts).

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservieren

06.12.2016

Veröffentlichung

27.01.2017

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

IDSchwachstelleCWEAusMasCVE
95571Oracle GlassFish Server erweiterte Rechte284Nicht definiertOffizieller FixCVE-2017-3247

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

ZurückÜbersichtWeiter

Do you need the next level of professionalism?

Upgrade your account now!