{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T05:39:41.193","vulnerabilities":[{"cve":{"id":"CVE-2017-3247","sourceIdentifier":"secalert_us@oracle.com","published":"2017-01-27T22:59:02.523","lastModified":"2026-05-13T00:24:29.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMTP to compromise Oracle GlassFish Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle GlassFish Server accessible data. CVSS v3.0 Base Score 4.3 (Integrity impacts)."},{"lang":"es","value":"Vulnerabilidad en el componente Oracle GlassFish Server de Oracle Fusion Middleware (subcomponente: Core). Versiones compatibles que están afectadas son 2.1.1, 3.0.1 y 3.1.2. Vulnerabilidad fácilmente explotable permite a atacante no autenticado con acceso a la red a través de SMTP, comprometer Oracle GlassFish Server. Ataques exitosos requieren interacción humana de una persona distinta del atacante. Ataques exitosos de esta vulnerabilidad pueden resultar en actualización no autorizada, inserción o borrado de acceso a algunos datos accesibles de Oracle GlassFish Server. CVSS v3.0 Base Score 4.3 (Impactos de Integridad)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*","matchCriteriaId":"0E80F5AC-A2EF-4D8A-AE8F-5DD0FF9B48C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*","matchCriteriaId":"A56AAEB5-E5A5-44A4-8B82-0C465122F2C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*","matchCriteriaId":"5C8196D0-06A9-4A0B-8864-AA8E8CF2DDB0"}]}]}],"references":[{"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/95483","source":"secalert_us@oracle.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/95483","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}