CVE-2016-8328

CWE-502Deserialization of Untrusted Data7 documents7 sources
Severity
3.7LOW
EPSS
0.6%
top 31.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Oracle Java SEOracle JDKOracle JRE
Timeline
PublishedJan 27
Latest updateSep 9

Description

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages3 packages

CVEListV5oracle/java_se8u112
NVDoracle/jdk1.8
NVDoracle/jre1.8

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-vv9q-q5qm-v3xg: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control)2022-05-14
CVEList
CVE-2016-8328: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control)2017-01-27

📋Vendor Advisories

3
Microsoft
Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability2025-09-09
Red Hat
JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)2017-01-17
Debian
CVE-2016-8328: openjdk-8 - Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mis...2016

💬Community

1
Bugzilla
CVE-2016-8328 Oracle JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)2017-01-17