CISA KEV 정보
| 취약점명 | Oracle Java SE and JRockit Unspecified Vulnerability |
|---|---|
| 설명 | Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. |
| 조치사항 | Apply updates per vendor instructions. |
| 랜섬웨어 캠페인 악용 | Unknown |
| 등록일 (KEV) | 2023-05-12 |
| 조치 기한 | 2023-06-02 |
| 추가 참고 | https://www.oracle.com/security-alerts/cpuapr2016v3.html; https://nvd.nist.gov/vuln/detail/CVE-2016-3427 |
NVD 상세 정보
CVSS v3.1: 9.8 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCVSS v2.0: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C설명: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
CWE: CWE-284
참조
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html [Mailing List, Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html [Mailing List, Third Party Advisory]
- ... 외 104건
This product uses the NVD API but is not endorsed or certified by the NVD.