CVE-2016-3427
Published: 21 April 2016
Summary
CVE-2016-3427 is a critical-severity Improper Access Control (CWE-284) vulnerability in Red Hat Enterprise Linux EUS. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 0.2% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2016-3427 is an unspecified vulnerability affecting Oracle Java SE 6u113, 7u99, and 8u77, Java SE Embedded 8u77, and JRockit R28.3.9. It is tied to the JMX component and carries a CVSS 3.1 base score of 9.8, reflecting the potential for complete loss of confidentiality, integrity, and availability. The associated CWEs point to improper access control with no further technical detail provided in the advisory.
Remote attackers can exploit the flaw over the network without authentication or user interaction. Successful exploitation grants the ability to fully compromise the confidentiality, integrity, and availability of affected Java installations, consistent with the high-impact metrics in the CVSS vector.
The listed references consist of OpenSUSE security announcements that address the issue through updated Java packages; practitioners should apply the corresponding patches or newer Java releases to eliminate the exposure. No information on observed in-the-wild exploitation is supplied in the source data.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2016-4453
Vulnerability details
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
- CWE(s): CWE-284 (Improper Access Control)
- KEV Date Added: 12 May 2023
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly requires timely application of vendor patches to eliminate the known JMX flaw in affected Java versions.
- AC-3 (Access Enforcement): enforces access-control decisions on the JMX interface, blocking the unauthenticated remote exploitation path described in the CVE.
- Restricts network access to JMX ports and management interfaces, limiting exposure of the vulnerable component to untrusted remote actors.
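The controls above reduce to two checks an operator can automate: is a JVM at or below one of the affected update levels named in the advisory (6u113, 7u99, 8u77), and does its command line enable the remote JMX agent with authentication or TLS switched off. The script below is an added example written for this page, not code from the advisory or from any vendor. It works from constructed inventory records (a `java -version` line and a JVM command line per process) rather than querying live hosts, and it assumes that any update level newer than the listed affected one carries the fix, which the advisory itself does not state. The JMX property names are the standard `com.sun.management.jmxremote.*` system properties; JRockit uses a different version scheme and is not handled.

```python
import re

# Affected update levels per major Java SE version, taken from the advisory text:
# Java SE 6u113, 7u99 and 8u77. Assumption: anything newer is patched.
AFFECTED_UPDATE = {6: 113, 7: 99, 8: 77}

# Constructed sample inventory: (pid, 'java -version' first line, JVM command line).
# 1.8.0_91 stands in for "a newer update level" and is assumed patched.
SAMPLE_INVENTORY = [
    ("1001", 'java version "1.8.0_77"',
     "java -Dcom.sun.management.jmxremote.port=9010 "
     "-Dcom.sun.management.jmxremote.authenticate=false "
     "-Dcom.sun.management.jmxremote.ssl=false -jar app.jar"),
    ("1002", 'java version "1.8.0_91"',
     "java -Dcom.sun.management.jmxremote.port=9011 -jar app.jar"),
    ("1003", 'java version "1.7.0_99"', "java -jar batch.jar"),
]


def parse_java_version(version_line):
    """Parse a classic 'java version "1.8.0_77"' line into (major, update).
    Returns None for any other format (e.g. the 9+ 'openjdk version "11.0.2"' form)."""
    m = re.search(r'"1\.(\d+)\.\d+_(\d+)', version_line)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def version_finding(version_line):
    """Return a finding string if the version is at or below an affected level, else None."""
    parsed = parse_java_version(version_line)
    if parsed is None:
        return None  # unknown format: make no claim either way
    major, update = parsed
    limit = AFFECTED_UPDATE.get(major)
    if limit is None or update > limit:
        return None
    return f"Java {major}u{update} is at or below the affected level {major}u{limit}"


def jvm_properties(cmdline):
    """Collect -Dkey=value pairs from a JVM command line into a dict."""
    props = {}
    for tok in cmdline.split():
        if not tok.startswith("-D"):
            continue
        key, _, value = tok[2:].partition("=")
        props[key] = value
    return props


def jmx_findings(cmdline):
    """List JMX exposure findings for one JVM command line.
    The remote agent is only considered enabled when jmxremote.port is set;
    authenticate and ssl default to true in the JDK, so only an explicit false counts."""
    props = jvm_properties(cmdline)
    port = props.get("com.sun.management.jmxremote.port")
    if port is None:
        return []
    findings = [f"remote JMX agent listening on port {port}"]
    if props.get("com.sun.management.jmxremote.authenticate", "true").lower() == "false":
        findings.append("JMX authentication disabled")
    if props.get("com.sun.management.jmxremote.ssl", "true").lower() == "false":
        findings.append("JMX TLS disabled")
    return findings


def audit_inventory(records):
    """Map pid -> list of findings, including only processes with at least one finding."""
    report = {}
    for pid, version_line, cmdline in records:
        findings = []
        vf = version_finding(version_line)
        if vf:
            findings.append(vf)
        findings.extend(jmx_findings(cmdline))
        if findings:
            report[pid] = findings
    return report


if __name__ == "__main__":
    for pid, findings in audit_inventory(SAMPLE_INVENTORY).items():
        print(pid)
        for f in findings:
            print("  -", f)
```

Process 1001 trips every check and maps directly onto the controls above: SI-2 for the version finding, AC-3 for the disabled authentication, and the network-restriction control for the listening port. Process 1002 is on a newer build but still shows a remote JMX listener, which is worth recording even when authentication is left at its default.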