1
Candidate: CVE-2017-3239
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3239
5
http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/3432537.xml
6
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixFMW
8
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion
9
Middleware (subcomponent: Administration). Supported versions that are
10
affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low
11
privileged attacker with logon to the infrastructure where Oracle GlassFish
12
Server executes to compromise Oracle GlassFish Server. Successful attacks
13
of this vulnerability can result in unauthorized read access to a subset of
14
Oracle GlassFish Server accessible data. CVSS v3.0 Base Score 3.3
15
(Confidentiality impacts).
18
sbeattie> glassfish 3.x only
25
upstream_glassfish: needs-triage
26
precise_glassfish: not-affected (3.x only)
27
trusty_glassfish: not-affected (3.x only)
28
vivid/stable-phone-overlay_glassfish: DNE
29
vivid/ubuntu-core_glassfish: DNE
30
xenial_glassfish: not-affected (3.x only)
31
yakkety_glassfish: not-affected (3.x only)
32
devel_glassfish: not-affected (3.x only)