Lucene search

[email protected]CVE-2016-3426

HistoryApr 21, 2016 - 11:00 a.m.

CVE-2016-3426

2016-04-2111:00:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2016-3426

oracle

java se

vulnerability

remote attackers

confidentiality

jce

nvd

3.1 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

6 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

80.0%

JSON

Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.

CPENameOperatorVersion
oracle:jdkoracle jdkeq1.8.0
oracle:jreoracle jreeq1.8.0

CPE	Name	Operator	Version
oracle:jdk	oracle jdk	eq	1.8.0
oracle:jre	oracle jre	eq	1.8.0

References

lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html

rhn.redhat.com/errata/RHSA-2016-0650.html

rhn.redhat.com/errata/RHSA-2016-0651.html

rhn.redhat.com/errata/RHSA-2016-0677.html

rhn.redhat.com/errata/RHSA-2016-0701.html

rhn.redhat.com/errata/RHSA-2016-0702.html

rhn.redhat.com/errata/RHSA-2016-0708.html

rhn.redhat.com/errata/RHSA-2016-0716.html

rhn.redhat.com/errata/RHSA-2016-1039.html

www.debian.org/security/2016/dsa-3558

www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

www.securityfocus.com/bid/86449

www.securitytracker.com/id/1035596

www.ubuntu.com/usn/USN-2963-1

access.redhat.com/errata/RHSA-2016:1430

access.redhat.com/errata/RHSA-2017:1216

security.gentoo.org/glsa/201610-08

security.netapp.com/advisory/ntap-20160420-0001/

3.1 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

6 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

80.0%

JSON

Related for CVE-2016-3426

ibm91 openvas25 prion1 ubuntucve1 veracode1 debiancve1 nessus36 kaspersky1 ubuntu1 oraclelinux2 suse11 amazon1 mageia1 redhat10 centos2 f52 osv1 debian2 aix1 gentoo1 oracle1