CVE-2013-1768

Apache OpenJPA 1.x < 1.2.3 and 2.x < 2.2.2 - Remote Code Execution via BrokerFactory Deserialization

Title source: llm
STIX 2.1

Description

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.

References (19)

Core 19
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1862.html
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86780
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0099.html
Various Sources x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21644047
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/82268
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86786
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86788
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/60534
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86791

Scores

EPSS 0.0951
EPSS Percentile 94.9%

Details

CWE
CWE-264
Status published
Products (16)
apache/openjpa 1.0.0
apache/openjpa 1.0.1
apache/openjpa 1.0.2
apache/openjpa 1.0.3
apache/openjpa 1.0.4
apache/openjpa 1.1.0
apache/openjpa 1.2.0
apache/openjpa 1.2.1
apache/openjpa 1.2.2
apache/openjpa 2.0.0
... and 6 more
Published Jul 11, 2013
Tracked Since Feb 18, 2026