CVE-2016-6344

EPSS 0.32% · P55 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2016-6344

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Red Hat JBoss BPM Suite 6.3.x does not include the HTTPOnly flag in a Set-Cookie header for session cookies, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Red Hat JBoss BPMS 远程信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Red Hat JBoss BPM Suite是美国红帽（Red Hat）公司的一套集合了JBoss BRMS所有功能的业务流程管理平台。该平台可为建模、自动化、模拟化和业务流程监控提供额外支持。 Red Hat JBoss BPMS 6.3.x版本中存在安全漏洞，该漏洞源于会话cookie中没有在Set-Cookie头中包含HTTPOnly标志。远程攻击者可利用该漏洞获取敏感信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2016-6344

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2016-6344

Please Login to view more intelligence information

https://bugzilla.redhat.com/show_bug.cgi?id=1371807x_refsource_CONFIRM
http://www.securityfocus.com/bid/92714vdb-entryx_refsource_BID
http://rhn.redhat.com/errata/RHSA-2017-0248.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2017-0249.htmlvendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2016-6344

Same Patch Batch · n/a · 2016-09-07 · 37 CVEs total

CVE-2016-7108		Huawei UMA 信息泄露漏洞
CVE-2016-6825		多款Huawei产品暴力破解攻击漏洞
CVE-2016-6838		多款Huawei产品信息泄露漏洞
CVE-2016-6839		Huawei FusionAccess HTTP头注入漏洞
CVE-2016-6876		多款F5产品拒绝服务漏洞
CVE-2016-6898		Huawei E9000 Chassis XML外部实体漏洞
CVE-2016-6899		多款Huawei产品弱的加密算法漏洞
CVE-2016-6900		多款Huawei服务器Intelligent Baseboard Management Controller 资源管理漏洞
CVE-2016-7107		Huawei UMA 密码重置漏洞
CVE-2016-6670		多款Huawei产品不安全的随机数生成数漏洞
CVE-2016-7109		Huawei UMA 命令注入漏洞
CVE-2016-7110		Huawei UMA 命令注入漏洞
CVE-2016-6345		Red Hat RESTEasy 信息泄露漏洞
CVE-2016-6346		Red Hat RESTEasy 拒绝服务漏洞
CVE-2016-6351		QEMU‘hw/scsi/esp.c’远程代码执行漏洞
CVE-2016-6855		Gnome Eye Of Gnome 拒绝服务漏洞
CVE-2016-7033		Red Hat JBoss BPMS 跨站脚本漏洞
CVE-2016-7034		Red Hat JBoss BPMS 跨站请求伪造漏洞
CVE-2016-5422		Red Hat JBoss Operations Network 安全漏洞
CVE-2016-5404		Red Hat FreeIPA 访问控制错误漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2016-6344

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2016-6344

I. Basic Information for CVE-2016-6344

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2016-6344

III. Intelligence Information for CVE-2016-6344

Same Patch Batch · n/a · 2016-09-07 · 37 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2016-6344

Leave a comment