CVE-2017-3239

Name of the Vulnerable Software and Affected Versions Oracle GlassFish Server versions 3.0.1 and 3.1.2

Description The issue allows a low-privileged attacker with logon access to the infrastructure where Oracle GlassFish Server executes to compromise Oracle GlassFish Server. Successful attacks can result in unauthorized read access to a subset of Oracle GlassFish Server accessible data.

Recommendations For Oracle GlassFish Server version 3.0.1, update to a version that includes a fix for this issue. For Oracle GlassFish Server version 3.1.2, update to a version that includes a fix for this issue.