Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Availability impacts).

Metrics

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

Vendors Products
Oracle
  • Jdk
  • Jre
  • Jrockit
Redhat
  • Enterprise Linux
  • Network Satellite
  • Rhel Extras
  • Rhel Extras Oracle Java

Configuration 1 [-]

OR cpe:2.3:a:oracle:jdk:1.7:update_121:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8:update_111:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7:update_121:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8:update_111:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r28.3.12:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Oracle Java for Red Hat Enterprise Linux 5
java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el5_11 cpe:/a:redhat:rhel_extras_oracle_java:5 RHSA-2017:0176 2017-01-19T00:00:00Z
Oracle Java for Red Hat Enterprise Linux 6
java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8 cpe:/a:redhat:rhel_extras_oracle_java:6 RHSA-2017:0175 2017-01-19T00:00:00Z
java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el6_8 cpe:/a:redhat:rhel_extras_oracle_java:6 RHSA-2017:0176 2017-01-19T00:00:00Z
Oracle Java for Red Hat Enterprise Linux 7
java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3 cpe:/a:redhat:rhel_extras_oracle_java:7 RHSA-2017:0175 2017-01-19T00:00:00Z
java-1.7.0-oracle-1:1.7.0.131-1jpp.1.el7_3 cpe:/a:redhat:rhel_extras_oracle_java:7 RHSA-2017:0176 2017-01-19T00:00:00Z
Red Hat Enterprise Linux 5
java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el5_11 cpe:/o:redhat:enterprise_linux:5 RHSA-2017:0269 2017-02-13T00:00:00Z
Red Hat Enterprise Linux 5 Supplementary
java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11 cpe:/a:redhat:rhel_extras:5 RHSA-2017:0337 2017-02-28T00:00:00Z
Red Hat Enterprise Linux 6
java-1.8.0-openjdk-1:1.8.0.121-0.b13.el6_8 cpe:/o:redhat:enterprise_linux:6 RHSA-2017:0180 2017-01-20T00:00:00Z
java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el6_8 cpe:/o:redhat:enterprise_linux:6 RHSA-2017:0269 2017-02-13T00:00:00Z
Red Hat Enterprise Linux 6 Supplementary
java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el6_8 cpe:/a:redhat:rhel_extras:6 RHSA-2017:0263 2017-02-09T00:00:00Z
java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8 cpe:/a:redhat:rhel_extras:6 RHSA-2017:0336 2017-02-28T00:00:00Z
Red Hat Enterprise Linux 7
java-1.8.0-openjdk-1:1.8.0.121-0.b13.el7_3 cpe:/o:redhat:enterprise_linux:7 RHSA-2017:0180 2017-01-20T00:00:00Z
java-1.7.0-openjdk-1:1.7.0.131-2.6.9.0.el7_3 cpe:/o:redhat:enterprise_linux:7 RHSA-2017:0269 2017-02-13T00:00:00Z
Red Hat Enterprise Linux 7 Supplementary
java-1.8.0-ibm-1:1.8.0.4.0-1jpp.1.el7 cpe:/a:redhat:rhel_extras:7 RHSA-2017:0263 2017-02-09T00:00:00Z
java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7 cpe:/a:redhat:rhel_extras:7 RHSA-2017:0336 2017-02-28T00:00:00Z
Red Hat Satellite 5.6
java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8 cpe:/a:redhat:network_satellite:5.6::el6 RHSA-2017:1216 2017-05-09T00:00:00Z
Red Hat Satellite 5.7
java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8 cpe:/a:redhat:network_satellite:5.7::el6 RHSA-2017:1216 2017-05-09T00:00:00Z
References
Link Providers
http://rhn.redhat.com/errata/RHSA-2017-0175.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2017-0176.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2017-0180.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2017-0263.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2017-0269.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2017-0336.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2017-0337.html cve-icon cve-icon
http://www.debian.org/security/2017/dsa-3782 cve-icon cve-icon
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html cve-icon cve-icon
http://www.securityfocus.com/bid/95521 cve-icon cve-icon
http://www.securitytracker.com/id/1037637 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:1216 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2016-5547 cve-icon
https://security.gentoo.org/glsa/201701-65 cve-icon cve-icon
https://security.gentoo.org/glsa/201707-01 cve-icon cve-icon
https://security.netapp.com/advisory/ntap-20170119-0001/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2016-5547 cve-icon
History

Wed, 09 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2017-01-27T22:01:00

Updated: 2024-10-09T20:04:11.345Z

Reserved: 2016-06-16T00:00:00

Link: CVE-2016-5547

cve-icon Vulnrichment

Updated: 2024-08-06T01:07:57.922Z

cve-icon NVD

Status : Modified

Published: 2017-01-27T22:59:00.333

Modified: 2018-01-05T02:31:02.073

Link: CVE-2016-5547

cve-icon Redhat

Severity : Moderate

Publid Date: 2017-01-17T00:00:00Z

Links: CVE-2016-5547 - Bugzilla