CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS
Percentile: 94.0%
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities:
- A remote code execution vulnerability exists in the Java Messaging Service subcomponent in the readExternal() function due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this, via a crafted object payload, to bypass the ClassFilter.class blacklist and execute arbitrary Java code. (CVE-2016-0638)
- Multiple unspecified vulnerabilities exist in the Console subcomponent that allow a remote attacker to affect confidentiality and integrity. (CVE-2016-0675, CVE-2016-0696, CVE-2016-0700, CVE-2016-3416)
- An unspecified vulnerability exists in the Core Components subcomponent that allows a remote attacker to affect integrity. (CVE-2016-0688)
Binary data oracle_weblogic_server_cpu_apr_2016.nbin
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0638
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0675
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0688
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0696
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0700
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3416
www.nessus.org/u?ffb7b96f
www.tenable.com/security/research/tra-2016-09