CISA description
An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.
CVE-2011-3544
Oracle · Java SE JDK and JRE
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
Required action
Apply updates per vendor instructions.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.