CVE-2016-3427

CVE Database · CVE-2016-3427

CVE-2016-3427

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

92.33%

Published

Apr 21, 2016

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2023-05-12 · Due: 2023-06-02

Apply updates per vendor instructions.

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-284

Affected Products (81)

oracle · jdkvulnerable

oracle · jrevulnerable

oracle · jrockitvulnerable

oracle · linuxvulnerable

canonical · ubuntu_linux

References (20)

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html

Mailing List

KEV Catalog EPSS Scores Vendors All CVEs

canonical · ubuntu_linuxvulnerable

debian · debian_linuxvulnerable

netapp · e-series_santricity_management_plug-insvulnerable

netapp · e-series_santricity_storage_managervulnerable

netapp · e-series_santricity_web_servicesvulnerable

netapp · oncommand_balancevulnerable

netapp · oncommand_cloud_managervulnerable

netapp · oncommand_insightvulnerable

netapp · oncommand_performance_managervulnerable

netapp · oncommand_reportvulnerable

netapp · oncommand_shiftvulnerable

netapp · oncommand_unified_managervulnerable

netapp · oncommand_workflow_automationvulnerable

netapp · storagegridvulnerable

netapp · vasa_provider_for_clustered_data_ontapvulnerable

netapp · virtual_storage_consolevulnerable

apache · cassandra (up to 2.1.22)vulnerable

apache · cassandra (up to 2.2.18)vulnerable

apache · cassandra (up to 3.0.22)vulnerable

apache · cassandra (up to 3.11.8)vulnerable

apache · cassandravulnerable

redhat · satellitevulnerable

redhat · enterprise_linux_desktopvulnerable

redhat · enterprise_linux_eusvulnerable

redhat · enterprise_linux_servervulnerable

Third Party Advisory