How severe is CVE-2016-0304?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2016-0304?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2016-0304

HIGH Year: 2016

CVSS v3 Score

8.1

High

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-284

View all →

Vulnerability Description

The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0920.

CVE-2014-3120

HIGH

CVSS:8.1(High)

The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. ...

CWE-2842014

CVE-2015-7887

HIGH

CVSS:8.1(High)

NetApp SnapCenter Server 1.0 allows remote authenticated users to list and delete backups.

CWE-2842015

CVE-2016-10030

HIGH

CVSS:8.1(High)

The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on...

CWE-2842016

CVE-2016-10417

HIGH

CVSS:8.1(High)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, M...

CWE-2842016