Lucene search

[email protected]NVD:CVE-2016-3426

HistoryApr 21, 2016 - 11:00 a.m.

CVE-2016-3426

2016-04-2111:00:20

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

5.7

Confidence

Low

EPSS

0.007

Percentile

80.3%

JSON

Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.

Affected configurations

Nvd

Node

oraclejdkMatch1.8.0update77

oraclejreMatch1.8.0update77

References

lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html

rhn.redhat.com/errata/RHSA-2016-0650.html

rhn.redhat.com/errata/RHSA-2016-0651.html

rhn.redhat.com/errata/RHSA-2016-0677.html

rhn.redhat.com/errata/RHSA-2016-0701.html

rhn.redhat.com/errata/RHSA-2016-0702.html

rhn.redhat.com/errata/RHSA-2016-0708.html

rhn.redhat.com/errata/RHSA-2016-0716.html

rhn.redhat.com/errata/RHSA-2016-1039.html

www.debian.org/security/2016/dsa-3558

www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

www.securityfocus.com/bid/86449

www.securitytracker.com/id/1035596

www.ubuntu.com/usn/USN-2963-1

access.redhat.com/errata/RHSA-2016:1430

access.redhat.com/errata/RHSA-2017:1216

security.gentoo.org/glsa/201610-08

security.netapp.com/advisory/ntap-20160420-0001/

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

5.7

Confidence

Low

EPSS

0.007

Percentile

80.3%

JSON

Related for NVD:CVE-2016-3426

ibm91 openvas25 cve1 prion1 ubuntucve1 veracode1 debiancve1 cvelist1 nessus36 oraclelinux2 ubuntu1 suse11 amazon1 redhat10 centos2 mageia1 f52 osv1 debian2 kaspersky1 aix1 gentoo1 oracle1