Lucene search

K
nvd[email protected]NVD:CVE-2016-3427
HistoryApr 21, 2016 - 11:00 a.m.

CVE-2016-3427

2016-04-2111:00:21
web.nvd.nist.gov

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

EPSS

0.49

Percentile

97.5%

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

Affected configurations

NVD
Node
oraclejdkMatch1.6.0update113
OR
oraclejdkMatch1.7.0update99
OR
oraclejdkMatch1.8.0update77
OR
oraclejreMatch1.6.0update113
OR
oraclejreMatch1.7.0update99
OR
oraclejreMatch1.8.0update77
OR
oraclejrockitMatchr28.3.9
OR
oraclelinuxMatch5-
OR
oraclelinuxMatch6-
OR
oraclelinuxMatch7-
Node
canonicalubuntu_linuxMatch12.04-
OR
canonicalubuntu_linuxMatch14.04esm
OR
canonicalubuntu_linuxMatch15.10
OR
canonicalubuntu_linuxMatch16.04esm
Node
debiandebian_linuxMatch8.0
Node
netappe-series_santricity_management_plug-insMatch-vmware_vcenter
OR
netappe-series_santricity_storage_managerMatch-
OR
netappe-series_santricity_web_servicesMatch-web_services_proxy
OR
netapponcommand_balanceMatch-
OR
netapponcommand_cloud_managerMatch-
OR
netapponcommand_insightMatch-
OR
netapponcommand_performance_managerMatch-
OR
netapponcommand_reportMatch-
OR
netapponcommand_shiftMatch-
OR
netapponcommand_unified_managerMatch-7-mode
OR
netapponcommand_unified_managerMatch-clustered_data_ontap
OR
netapponcommand_workflow_automationMatch-
OR
netappstoragegridRange9.0.4
OR
netappvasa_provider_for_clustered_data_ontapRange7.2
OR
netappvirtual_storage_consoleRange7.2vmware_vsphere
Node
apachecassandraRange2.1.02.1.22
OR
apachecassandraRange2.2.02.2.18
OR
apachecassandraRange3.0.03.0.22
OR
apachecassandraRange3.11.03.11.8
OR
apachecassandraMatch4.0.0beta1
Node
redhatsatelliteMatch5.6
OR
redhatsatelliteMatch5.7
OR
redhatenterprise_linux_desktopMatch5.0
OR
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_desktopMatch7.0
OR
redhatenterprise_linux_eusMatch6.7
OR
redhatenterprise_linux_eusMatch7.2
OR
redhatenterprise_linux_eusMatch7.3
OR
redhatenterprise_linux_eusMatch7.4
OR
redhatenterprise_linux_eusMatch7.5
OR
redhatenterprise_linux_eusMatch7.6
OR
redhatenterprise_linux_eusMatch7.7
OR
redhatenterprise_linux_serverMatch5.0
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_server_ausMatch7.2
OR
redhatenterprise_linux_server_ausMatch7.3
OR
redhatenterprise_linux_server_ausMatch7.4
OR
redhatenterprise_linux_server_ausMatch7.6
OR
redhatenterprise_linux_server_ausMatch7.7
OR
redhatenterprise_linux_server_eusMatch6.7
OR
redhatenterprise_linux_server_eusMatch7.2
OR
redhatenterprise_linux_server_tusMatch7.2
OR
redhatenterprise_linux_server_tusMatch7.3
OR
redhatenterprise_linux_server_tusMatch7.6
OR
redhatenterprise_linux_server_tusMatch7.7
OR
redhatenterprise_linux_workstationMatch5.0
OR
redhatenterprise_linux_workstationMatch6.0
OR
redhatenterprise_linux_workstationMatch7.0
Node
suselinux_enterprise_module_for_legacyMatch12
OR
susemanagerMatch2.1
OR
susemanager_proxyMatch2.1
OR
suseopenstack_cloudMatch5
OR
opensuseleapMatch42.1
OR
opensuseopensuseMatch13.1
OR
opensuseopensuseMatch13.2
OR
suselinux_enterprise_desktopMatch12-
OR
suselinux_enterprise_desktopMatch12sp1
OR
suselinux_enterprise_serverMatch10sp4ltss
OR
suselinux_enterprise_serverMatch11sp2ltss
OR
suselinux_enterprise_serverMatch11sp3ltss
OR
suselinux_enterprise_serverMatch11sp4
OR
suselinux_enterprise_serverMatch12-
OR
suselinux_enterprise_serverMatch12sp1
OR
suselinux_enterprise_software_development_kitMatch11sp4
OR
suselinux_enterprise_software_development_kitMatch12sp1

References

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

EPSS

0.49

Percentile

97.5%