CVE-2016-3427

CRITICAL KEV

Oracle Jdk < 9.0.4 - Improper Access Control

Title source: rule

Description

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

References (60)

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-0650.html

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-0651.html

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-0675.html

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-0676.html

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-0677.html

... and 40 more

Scores

CVSS v3 9.8

EPSS 0.9389

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2023-05-12

VulnCheck KEV 2023-05-12

InTheWild.io 2023-05-12

ENISA EUVD EUVD-2016-4453

CWE

CWE-284

Status published

Products (49)

apache/cassandra 4.0.0 beta1

apache/cassandra 2.1.0 - 2.1.22

canonical/ubuntu_linux 12.04

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 15.10

canonical/ubuntu_linux 16.04

debian/debian_linux 8.0

netapp/e-series_santricity_management_plug-ins

netapp/e-series_santricity_storage_manager

netapp/e-series_santricity_web_services

... and 39 more

Published Apr 21, 2016

KEV Added May 12, 2023

Tracked Since Feb 18, 2026