CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
Percentile
74.4%
Vulnerability in the Java SE, JRockit component of Oracle Java SE
(subcomponent: Serialization). Supported versions that are affected are
Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
multiple protocols to compromise Java SE, JRockit. Successful attacks of
this vulnerability can result in unauthorized ability to cause a partial
denial of service (partial DOS) of Java SE, JRockit. Note: This
vulnerability can only be exploited by supplying data to APIs in the
specified Component without using Untrusted Java Web Start applications or
Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score
5.3 (Availability impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Author | Note |
---|---|
sbeattie | oracle only |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
Percentile
74.4%