Exposures › CVE-2011-3544
CVE-2011-3544
Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-03-03
Reference
⚡ RCE
⌖ exploited in the wild
shame 65/100
rceexploited-in-wild
An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.
Players implicated
Description
An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.
Affected FedRAMP products 10 in the catalog
| Product | Provider | Status | Match |
|---|---|---|---|
| Aconex for Defense | Oracle | Authorized | vendor-exact · 0.90 |
| Federal Managed Cloud Services | Oracle | Authorized | vendor-exact · 0.90 |
| Fusion Cloud | Oracle | Authorized | vendor-exact · 0.90 |
| Government Cloud - Common Controls | Oracle | Authorized | vendor-exact · 0.90 |
| Oracle Cloud Infrastructure-Government Cloud | Oracle | Authorized | vendor-exact · 0.90 |
| Oracle Enterprise Performance Management (EPM) | Oracle | Authorized | vendor-exact · 0.90 |
| Oracle Enterprise Performance Management (EPM) - Moderate | Oracle | In Process | vendor-exact · 0.90 |
| Oracle Service Cloud | Oracle | Authorized | vendor-exact · 0.90 |
| Oracle Service Cloud (DOD) | Oracle | Authorized | vendor-exact · 0.90 |
| Taleo Cloud - U.S. Government Cloud | Oracle | Authorized | vendor-exact · 0.90 |