CVE-2016-3427

Description

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

9.8 Critical

Impact Score:

5.9

Exploitability Score:

3.9

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

Products

Exploited in the Wild

Reported by:

mkienow-r7 indicated sources as

Government or Industry Alert (https://www.cisa.gov/known-exploited-vulnerabilities-catalog)
Other: CISA Gov Alert (https://www.cisa.gov/news-events/alerts/2023/05/12/cisa-adds-seven-known-exploited-vulnerabilities-catalog)

Reported: May 13, 2023 1:25am UTC (1 year ago)

AttackerKB Worker indicated source as Government or Industry Alert (https://www.cisa.gov/news-events/alerts/2023/05/12/cisa-adds-seven-known-exploited-vulnerabilities-catalog)

Reported: November 08, 2024 8:28am UTC (3 months ago)

References

Canonical

CVE-2016-3427 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3427)

BID-86421 (http://www.securityfocus.com/bid/86421)

Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html

http://rhn.redhat.com/errata/RHSA-2016-0677.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html

http://rhn.redhat.com/errata/RHSA-2016-1039.html

http://rhn.redhat.com/errata/RHSA-2016-0701.html

USN-2972-1 (http://www.ubuntu.com/usn/USN-2972-1)

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html

SECTRACK-1037331 (http://www.securitytracker.com/id/1037331)

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html

http://rhn.redhat.com/errata/RHSA-2016-0676.html

https://access.redhat.com/errata/RHSA-2016:1430

https://security.netapp.com/advisory/ntap-20160420-0001

http://rhn.redhat.com/errata/RHSA-2016-0708.html

http://rhn.redhat.com/errata/RHSA-2016-0723.html

http://rhn.redhat.com/errata/RHSA-2016-0651.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html

https://kc.mcafee.com/corporate/index?page=content&id=SB10159

USN-2964-1 (http://www.ubuntu.com/usn/USN-2964-1)

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html

GLSA-201606-18 (https://security.gentoo.org/glsa/201606-18)

http://rhn.redhat.com/errata/RHSA-2016-0716.html

SECTRACK-1035596 (http://www.securitytracker.com/id/1035596)

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html

USN-2963-1 (http://www.ubuntu.com/usn/USN-2963-1)

http://rhn.redhat.com/errata/RHSA-2016-0675.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html

http://rhn.redhat.com/errata/RHSA-2016-0702.html

http://rhn.redhat.com/errata/RHSA-2016-0679.html

https://access.redhat.com/errata/RHSA-2017:1216

DSA-3558 (http://www.debian.org/security/2016/dsa-3558)

http://rhn.redhat.com/errata/RHSA-2016-0678.html

http://rhn.redhat.com/errata/RHSA-2016-0650.html

[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ (https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ (https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ (https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ (https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ (https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ (https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ (https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ (https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ (https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ (https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ (https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/ (https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/ (https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E)

[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/ (https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E)

[cassandra-user] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX (https://lists.apache.org/thread.html/rc3abf40b06c511d5693baf707d6444bf7745e6a1e343e6f530a12258@%3Cuser.cassandra.apache.org%3E)

[cassandra-dev] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX (https://lists.apache.org/thread.html/r5f48b16573a11fdf0b557cc3d1d71423ecde8ee771c29f32334fa948@%3Cdev.cassandra.apache.org%3E)

[oss-security] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX (http://www.openwall.com/lists/oss-security/2020/08/31/1)

Rapid7

Unknown

Unknown

Unknown

None

None

Network

CVE-2016-3427

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

Exploited in the Wild

References

Canonical

Advisory

Additional Info

Technical Analysis

Unknown

CVE-2016-3427

Unknown

Unknown

None

None

Network

CVE-2016-3427

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

Exploited in the Wild

References

Canonical

Advisory

Additional Info

Technical Analysis

Quick Cookie Notification