7.5

CVE-2013-1768

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheOpenjpa Version1.0.0
ApacheOpenjpa Version1.0.1
ApacheOpenjpa Version1.0.2
ApacheOpenjpa Version1.0.3
ApacheOpenjpa Version1.0.4
ApacheOpenjpa Version1.1.0
ApacheOpenjpa Version1.2.0
ApacheOpenjpa Version1.2.1
ApacheOpenjpa Version1.2.2
ApacheOpenjpa Version2.0.0
ApacheOpenjpa Version2.0.1
ApacheOpenjpa Version2.1.0
ApacheOpenjpa Version2.1.1
ApacheOpenjpa Version2.2.0
ApacheOpenjpa Version2.2.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.51% 0.948
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www-01.ibm.com/support/docview.wss?uid=swg21644047
http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0099.html
http://rhn.redhat.com/errata/RHSA-2013-1862.html
http://svn.apache.org/viewvc?view=revision&revision=1462076
http://svn.apache.org/viewvc?view=revision&revision=1462225
http://svn.apache.org/viewvc?view=revision&revision=1462268
http://svn.apache.org/viewvc?view=revision&revision=1462318
http://svn.apache.org/viewvc?view=revision&revision=1462328
http://svn.apache.org/viewvc?view=revision&revision=1462488
http://svn.apache.org/viewvc?view=revision&revision=1462512
http://svn.apache.org/viewvc?view=revision&revision=1462558
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86780
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86786
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86788
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86791
http://www-01.ibm.com/support/docview.wss?uid=swg21635999
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.securityfocus.com/bid/60534
https://exchange.xforce.ibmcloud.com/vulnerabilities/82268