CISA description
An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.
CVE-2015-2590
Oracle · Java SE
Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability
Required action
Apply updates per vendor instructions.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.