VIR Vulnerability Intelligence Relay

CVE-2016-8328

low
Published 2017-01-27 · Modified 2026-05-13
CVSS v3
3.7
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVSS v2
4.3
VIR risk
3.7

Description

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).

Predictions

Exploit likelihood
47%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2016-8328

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2016-8328.html

vendor Authored 2026-05-27

Vendor advisory: secalert_us@oracle.com — http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html

OS impact
OSVersionStatusFixed in
suse slesaffected
debian debiansidfixed0

Application impact
VendorProductVersionsFixed
oraclejdk1.8
oraclejre1.8

References

Verify integrity in audit chain (admin only). AS-IS.