Ubuntu.comUB:CVE-2016-8328CVE-2016-8328
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
0.003 Low
EPSS
Percentile
71.7%
Vulnerability in the Java SE component of Oracle Java SE (subcomponent:
Java Mission Control). The supported version that is affected is Java SE:
8u112. Difficult to exploit vulnerability allows unauthenticated attacker
with network access via multiple protocols to compromise Java SE.
Successful attacks of this vulnerability can result in unauthorized update,
insert or delete access to some of Java SE accessible data. Note: Applies
to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity
impacts).
Notes
| Author | Note |
|---|---|
| sbeattie | Java Mission Control component, in Oracle java only |
References
www.oracle.com/ocom/groups/public/@otn/documents/webcontent/3432537.xml
www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA
launchpad.net/bugs/cve/CVE-2016-8328
nvd.nist.gov/vuln/detail/CVE-2016-8328
security-tracker.debian.org/tracker/CVE-2016-8328
www.cve.org/CVERecord?id=CVE-2016-8328
Related
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
0.003 Low
EPSS
Percentile
71.7%