Design/Logic Flaw

2016-10-2514:30:00

PRIOn knowledge base

www.prio-n.com

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.0%

JSON

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.

CPENameOperatorVersion
jdkeq1.8.0 update101
jdkeq1.8.0 update102
jdkeq1.7.0 update111
jdkeq1.6.0 update121
jreeq1.6.0 update121
jreeq1.7.0 update111
jreeq1.8.0 update101
jreeq1.8.0 update102

Name	Operator	Version
jdk	eq	1.8.0 update101
jdk	eq	1.8.0 update102
jdk	eq	1.7.0 update111
jdk	eq	1.6.0 update121
jre	eq	1.6.0 update121
jre	eq	1.7.0 update111
jre	eq	1.8.0 update101
jre	eq	1.8.0 update102