Description
The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
Remediation
References
http://svn.apache.org/viewvc?view=revision&revision=1462076
http://svn.apache.org/viewvc?view=revision&revision=1462488
http://svn.apache.org/viewvc?view=revision&revision=1462558
http://www-01.ibm.com/support/docview.wss?uid=swg21635999
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86791
http://svn.apache.org/viewvc?view=revision&revision=1462268
http://svn.apache.org/viewvc?view=revision&revision=1462512
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86780
http://svn.apache.org/viewvc?view=revision&revision=1462225
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86788
http://svn.apache.org/viewvc?view=revision&revision=1462318
http://svn.apache.org/viewvc?view=revision&revision=1462328
http://www-01.ibm.com/support/docview.wss?uid=swg1PM86786
http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0099.html
http://www-01.ibm.com/support/docview.wss?uid=swg21644047
http://rhn.redhat.com/errata/RHSA-2013-1862.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/82268
http://www.securityfocus.com/bid/60534
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
Related Vulnerabilities
CVE-2013-2165 Vulnerability in maven package org.richfaces.framework:richfaces-impl
CVE-2012-2138 Vulnerability in maven package org.apache.sling:org.apache.sling.servlets.post
CVE-2012-4431 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2012-0393 Vulnerability in maven package org.apache.struts.xwork:xwork-core
CVE-2016-0714 Vulnerability in maven package org.apache.tomcat:tomcat-util