How severe is CVE-2017-3250?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2017-3250?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2017-3250 - HIGH Severity | CVSS 7.3

Vulnerability Description

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle GlassFish Server accessible data as well as unauthorized read access to a subset of Oracle GlassFish Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GlassFish Server. CVSS v3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts).

Related Vulnerabilities

CVE-1999-0059

HIGH

CVSS:7.3(High)

IRIX fam service allows an attacker to obtain a list of all files on the server.

CWE-2001999

CVE-2016-5722

HIGH

CVSS:7.3(High)

Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct r...

CWE-2002016

CVE-2017-8460

HIGH

CVSS:7.3(High)

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows information disclosure when a user opens a specially craf...

CWE-2002017

CVE-2018-21071

HIGH

CVSS:7.3(High)

An issue was discovered on Samsung mobile devices with M(6.0) software. Because of an unprotected intent, an attacker can read arbitrary files and emails, and take over an email account. The Samsung I...

CWE-2002018

CVE-2024-9627

HIGH

CVSS:7.3(High)

The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'service_process' function in all versions up to, a...

CWE-2002024

CVE-2016-7561

HIGH

CVSS:7.2(High)

Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file.

CWE-2002016