Vulnerability Description
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Jdk | 1.6.0 |
| Oracle | Jre | 1.6.0 |
| Oracle | Jrockit | r28.3.9 |
| Oracle | Linux | 5 |
| Canonical | Ubuntu Linux | 12.04 |
| Debian | Debian Linux | 8.0 |
| Netapp | E-Series Santricity Management Plug-Ins | - |
| Netapp | E-Series Santricity Storage Manager | - |
| Netapp | E-Series Santricity Web Services | - |
| Netapp | Oncommand Balance | - |
| Netapp | Oncommand Cloud Manager | - |
| Netapp | Oncommand Insight | - |
| Netapp | Oncommand Performance Manager | - |
| Netapp | Oncommand Report | - |
| Netapp | Oncommand Shift | - |
| Netapp | Oncommand Unified Manager | - |
| Netapp | Oncommand Workflow Automation | - |
| Netapp | Storagegrid | <= 9.0.4 |
| Netapp | Vasa Provider For Clustered Data Ontap | >= 7.2 |
| Netapp | Virtual Storage Console | >= 7.2 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.htmlMailing ListThird Party Advisory
FAQ
What is CVE-2016-3427?
CVE-2016-3427 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors...
How severe is CVE-2016-3427?
CVE-2016-3427 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-3427?
Check the references section above for vendor advisories and patch information. Affected products include: Oracle Jdk, Oracle Jre, Oracle Jrockit, Oracle Linux, Canonical Ubuntu Linux.