{"id":"CVE-2016-3427","details":"Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.","modified":"2026-04-10T03:49:33.715351Z","published":"2016-04-21T11:00:21.667Z","related":["CGA-v3rq-pmg5-72w8","MGASA-2016-0149","SUSE-SU-2016:1248-1","SUSE-SU-2016:1250-1","SUSE-SU-2016:1299-1","SUSE-SU-2016:1300-1","SUSE-SU-2016:1303-1","SUSE-SU-2016:1378-1","SUSE-SU-2016:1379-1","SUSE-SU-2016:1458-1","SUSE-SU-2016:1475-1","openSUSE-SU-2024:10197-1","openSUSE-SU-2024:10534-1"],"references":[{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-3427"},{"type":"WEB","url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10159"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/86421"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0675.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0716.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0677.html"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2963-1"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-1039.html"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2972-1"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:1430"},{"type":"ADVISORY","url":"https://lists.apache.org/thread.html/r5f48b16573a11fdf0b557cc3d1d71423ecde8ee771c29f32334fa948%40%3Cdev.cassandra.apache.org%3E"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0701.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0723.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0651.html"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2964-1"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0676.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0702.html"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1035596"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1037331"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0708.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20160420-0001/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0650.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0679.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1216"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html"},{"type":"ADVISORY","url":"https://lists.apache.org/thread.html/rc3abf40b06c511d5693baf707d6444bf7745e6a1e343e6f530a12258%40%3Cuser.cassandra.apache.org%3E"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201606-18"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0678.html"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3558"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"},{"type":"FIX","url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"type":"FIX","url":"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"},{"type":"FIX","url":"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"},{"type":"FIX","url":"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2020/08/31/1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/cassandra","events":[{"introduced":"e06c1e8381525363e90ccf694275361e2958647a"},{"fixed":"94e9149c22f6a7772c0015e1b1ef2e2961155c0a"},{"introduced":"437bb9de77f54aa5a4a6a634ab3d2c753a17b3fc"},{"fixed":"d4938cf4e488a9ef3ac48164a3e946f16255d721"},{"introduced":"96f407bce56b98cd824d18e32ee012dbb99a0286"},{"fixed":"45331bb612dc7847efece7e26cdd0b376bd11249"},{"introduced":"88dee7e9d515ad94ecf8f2309f1e6138ec79e1a2"},{"fixed":"8b29b698630960a0ebb2c695cc5b21dee4686d09"},{"introduced":"0"},{"last_affected":"186272edca920c757b91bf95c2392bafa1a38d72"},{"introduced":"0"},{"last_affected":"186272edca920c757b91bf95c2392bafa1a38d72"},{"introduced":"0"},{"last_affected":"186272edca920c757b91bf95c2392bafa1a38d72"},{"introduced":"0"},{"last_affected":"e06c1e8381525363e90ccf694275361e2958647a"},{"introduced":"0"},{"last_affected":"e06c1e8381525363e90ccf694275361e2958647a"}],"database_specific":{"versions":[{"introduced":"2.1.0"},{"fixed":"2.1.22"},{"introduced":"2.2.0"},{"fixed":"2.2.18"},{"introduced":"3.0.0"},{"fixed":"3.0.22"},{"introduced":"3.11.0"},{"fixed":"3.11.8"},{"introduced":"0"},{"last_affected":"5.0"},{"introduced":"0"},{"last_affected":"5.0"},{"introduced":"0"},{"last_affected":"5.0"},{"introduced":"0"},{"last_affected":"2.1"},{"introduced":"0"},{"last_affected":"2.1"}]}}],"versions":["cassandra-1.1.0-beta1","cassandra-1.2.0-beta1","cassandra-1.2.0-beta2","cassandra-2.0.0-beta1","cassandra-2.0.0-beta2","cassandra-2.0.0-rc1","cassandra-2.1.0-beta1","cassandra-2.1.0-beta2","cassandra-2.1.0-deb","cassandra-2.1.0-rc1","cassandra-2.1.0-rc2","cassandra-2.1.1","cassandra-2.1.10","cassandra-2.1.11","cassandra-2.1.12","cassandra-2.1.13","cassandra-2.1.14","cassandra-2.1.15","cassandra-2.1.16","cassandra-2.1.17","cassandra-2.1.18","cassandra-2.1.19","cassandra-2.1.2","cassandra-2.1.20","cassandra-2.1.21","cassandra-2.1.7","cassandra-2.1.8","cassandra-2.1.9","cassandra-2.2.0","cassandra-2.2.1","cassandra-2.2.10","cassandra-2.2.11","cassandra-2.2.12","cassandra-2.2.13","cassandra-2.2.14","cassandra-2.2.15","cassandra-2.2.16","cassandra-2.2.17","cassandra-2.2.2","cassandra-2.2.3","cassandra-2.2.4","cassandra-2.2.5","cassandra-2.2.6","cassandra-2.2.8","cassandra-2.2.9","cassandra-3.0.0","cassandra-3.0.0-alpha1","cassandra-3.0.1","cassandra-3.0.10","cassandra-3.0.11","cassandra-3.0.12","cassandra-3.0.13","cassandra-3.0.14","cassandra-3.0.15","cassandra-3.0.16","cassandra-3.0.17","cassandra-3.0.18","cassandra-3.0.19","cassandra-3.0.20","cassandra-3.0.21","cassandra-3.0.3","cassandra-3.0.4","cassandra-3.0.5","cassandra-3.0.6","cassandra-3.0.7","cassandra-3.0.9","cassandra-3.11.0","cassandra-3.11.1","cassandra-3.11.2","cassandra-3.11.3","cassandra-3.11.4","cassandra-3.11.5","cassandra-3.11.6","cassandra-3.4","cassandra-4.0-alpha1","cassandra-4.0-alpha2","cassandra-4.0-alpha3","cassandra-4.0-alpha4","cassandra-4.0-beta1","cassandra-4.0-beta2","cassandra-4.0-beta3","cassandra-4.0-beta4","cassandra-4.0-rc1","cassandra-5.0-alpha2","cassandra-5.0-beta1","cassandra-5.0-rc1","cassandra-5.0-rc2","cassandra-5.0.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.6.0-update113"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.0-update99"}]},{"events":[{"introduced":"0"},{"last_affected":"1.8.0-update77"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.0-update113"}]},{"events":[{"introduced":"0"},{"last_affected":"1.7.0-update99"}]},{"events":[{"introduced":"0"},{"last_affected":"1.8.0-update77"}]},{"events":[{"introduced":"0"},{"last_affected":"r28.3.9"}]},{"events":[{"introduced":"0"},{"last_affected":"5-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"6-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"7-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"12.04"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"15.10"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0.4"}]},{"events":[{"introduced":"7.2"}]},{"events":[{"introduced":"7.2"}]},{"events":[{"introduced":"0"},{"last_affected":"4.0.0-beta1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.6"}]},{"events":[{"introduced":"0"},{"last_affected":"5.7"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.7"}]},{"events":[{"introduced":"0"},{"last_affected":"7.2"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.2"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"6.7"}]},{"events":[{"introduced":"0"},{"last_affected":"7.2"}]},{"events":[{"introduced":"0"},{"last_affected":"7.2"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12"}]},{"events":[{"introduced":"0"},{"last_affected":"5"}]},{"events":[{"introduced":"0"},{"last_affected":"42.1"}]},{"events":[{"introduced":"0"},{"last_affected":"13.1"}]},{"events":[{"introduced":"0"},{"last_affected":"13.2"}]},{"events":[{"introduced":"0"},{"last_affected":"12-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"12-sp1"}]},{"events":[{"introduced":"0"},{"last_affected":"10-sp4"}]},{"events":[{"introduced":"0"},{"last_affected":"11-sp2"}]},{"events":[{"introduced":"0"},{"last_affected":"11-sp3"}]},{"events":[{"introduced":"0"},{"last_affected":"11-sp4"}]},{"events":[{"introduced":"0"},{"last_affected":"12-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"12-sp1"}]},{"events":[{"introduced":"0"},{"last_affected":"11-sp4"}]},{"events":[{"introduced":"0"},{"last_affected":"12-sp1"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3427.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}