CVE-2016-3427

CVE Published	2016-04-21
Related Vendor(s)	redhat, oracle, suse, canonical, apache, netapp, opensuse, debian
Related Product(s)	enterprise_linux_server_eus, leap, opensuse, e-series_santricity_management_plug-ins, oncommand_workflow_automation, linux_enterprise_module_for_legacy, virtual_storage_console, manager, openstack_cloud, linux, storagegrid, e-series_santricity_web_services, cassandra, jdk, linux_enterprise_server, linux_enterprise_software_development_kit, oncommand_report, enterprise_linux_desktop, oncommand_unified_manager, oncommand_shift, enterprise_linux_workstation, oncommand_performance_manager, enterprise_linux_eus, debian_linux, oncommand_cloud_manager, ubuntu_linux, satellite, enterprise_linux_server_aus, jre, vasa_provider_for_clustered_data_ontap, manager_proxy, oncommand_insight, enterprise_linux_server, jrockit, linux_enterprise_desktop, e-series_santricity_storage_manager, oncommand_balance, enterprise_linux_server_tus
Exploitation Reported (CISA KEV)	2023-05-12
CVSS 3 Base Score	9.8 (CRITICAL)
CVSS 3 Attack Complexity	LOW
CVSS 3 Attack Vector	NETWORK

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

Cyber Threat Graph Context

Explore how this CVE relates to the wider threat graph

References

CVE-2016-3427

Cyber Threat Graph Context

References

CVE.org

NIST National Vulnerability Database

CISA Known Exploited Vulnerabilities