CVE-2014-0114

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.

References

http://advisories.mageia.org/MGASA-2014-0219.html

http://apache-ignite-developers.2346864.n4.nabble.com/CVE-2014-0114-Apache-Ignite-is-vulnerable-to-existing-CVE-2014-0114-td31205.html

http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html

http://marc.info/?l=bugtraq&m=140119284401582&w=2

http://marc.info/?l=bugtraq&m=140801096002766&w=2

http://marc.info/?l=bugtraq&m=141451023707502&w=2

http://openwall.com/lists/oss-security/2014/06/15/10

http://openwall.com/lists/oss-security/2014/07/08/1

http://seclists.org/fulldisclosure/2014/Dec/23

http://secunia.com/advisories/57477

http://secunia.com/advisories/58710

http://secunia.com/advisories/58851

http://secunia.com/advisories/58947

http://secunia.com/advisories/59014

http://secunia.com/advisories/59118

http://secunia.com/advisories/59228

http://secunia.com/advisories/59245

http://secunia.com/advisories/59246

http://secunia.com/advisories/59430

http://secunia.com/advisories/59464

http://secunia.com/advisories/59479

http://secunia.com/advisories/59480

http://secunia.com/advisories/59704

http://secunia.com/advisories/59718

http://secunia.com/advisories/60177

http://secunia.com/advisories/60703

http://www.debian.org/security/2014/dsa-2940

http://www.ibm.com/support/docview.wss?uid=swg21675496

http://www.mandriva.com/security/advisories?name=MDVSA-2014:095

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/bid/67121

http://www.vmware.com/security/advisories/VMSA-2014-0008.html

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

http://www-01.ibm.com/support/docview.wss?uid=swg21674128

http://www-01.ibm.com/support/docview.wss?uid=swg21674812

http://www-01.ibm.com/support/docview.wss?uid=swg21675266

http://www-01.ibm.com/support/docview.wss?uid=swg21675387

http://www-01.ibm.com/support/docview.wss?uid=swg21675689

http://www-01.ibm.com/support/docview.wss?uid=swg21675898

http://www-01.ibm.com/support/docview.wss?uid=swg21675972

http://www-01.ibm.com/support/docview.wss?uid=swg21676091

http://www-01.ibm.com/support/docview.wss?uid=swg21676110

http://www-01.ibm.com/support/docview.wss?uid=swg21676303

http://www-01.ibm.com/support/docview.wss?uid=swg21676375

http://www-01.ibm.com/support/docview.wss?uid=swg21676931

http://www-01.ibm.com/support/docview.wss?uid=swg21677110

http://www-01.ibm.com/support/docview.wss?uid=swg27042296

https://access.redhat.com/errata/RHSA-2018:2669

https://access.redhat.com/errata/RHSA-2019:2995

https://access.redhat.com/solutions/869353

https://bugzilla.redhat.com/show_bug.cgi?id=1091938

https://bugzilla.redhat.com/show_bug.cgi?id=1116665

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

https://issues.apache.org/jira/browse/BEANUTILS-463

https://lists.apache.org/thread.html/[email protected]%3Cdev.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cuser.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdevnull.infra.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Csolr-user.lucene.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.commons.apache.org%3E

https://lists.apache.org/thread.html/8e2bdfabd5b14836aa3cf9[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cannounce.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.druid.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.pulsar.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cgitbox.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cnotifications.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cnotifications.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.commons.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Csolr-user.lucene.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.dolphinscheduler.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Csolr-user.lucene.apache.org%3E

https://security.gentoo.org/glsa/201607-09

https://security.netapp.com/advisory/ntap-20140911-0001/

https://security.netapp.com/advisory/ntap-20180629-0006/

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Details

Source: MITRE

Published: 2014-04-30

Updated: 2021-01-26

Type: CWE-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (24 total)

IDNameProductFamilySeverity
141566IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x <= 9.0.0.9 Multiple Vulnerabilities (711865)NessusWeb Servers
high
112192Apache ActiveMQ 5.x < 5.15.5 Multiple VulnerabilitiesNessusCGI abuses
critical
9699IBM WebSphere Application Server 7.0 < 7.0.0.33 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
critical
92479GLSA-201607-09 : Commons-BeanUtils: Arbitrary code executionNessusGentoo Local Security Checks
high
82203Debian DLA-57-1 : libstruts1.2-java security updateNessusDebian Local Security Checks
high
79691IBM WebSphere Portal 7.0.0.x < 7.0.0.2 CF29 Multiple VulnerabilitiesNessusCGI abuses
high
79216IBM WebSphere Portal 8.5.0 < 8.5.0 CF02 Multiple VulnerabilitiesNessusCGI abuses
high
79018RHEL 6 : struts (RHSA-2014:0500)NessusRed Hat Local Security Checks
high
78749Oracle Enterprise Data Quality Multiple Vulnerabilities (October 2014 CPU)NessusCGI abuses
high
78700Oracle Adaptive Access Manager Server Arbitrary Code Execution (October 2014 CPU)NessusMisc.
high
78542Oracle Identity Manager (October 2014 CPUNessusMisc.
high
78541Oracle WebLogic Server Multiple Vulnerabilities (October 2014 CPU)NessusMisc.
high
77728VMware Security Updates for vCenter Server (VMSA-2014-0008)NessusMisc.
critical
77630VMSA-2014-0008 : VMware vSphere product updates to third-party librariesNessusVMware ESX Local Security Checks
high
77535IBM WebSphere Portal Apache Struts ClassLoader Manipulation RCENessusCGI abuses
high
77351Fedora 20 : struts-1.3.10-10.fc20 (2014-9380)NessusFedora Local Security Checks
high
77306Debian DSA-2940-1 : libstruts1.2-java - security updateNessusDebian Local Security Checks
high
76967IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple VulnerabilitiesNessusWeb Servers
high
74073Mandriva Linux Security Advisory : struts (MDVSA-2014:095)NessusMandriva Local Security Checks
high
73935Oracle Linux 5 : struts (ELSA-2014-0474)NessusOracle Linux Local Security Checks
high
73922CentOS 5 : struts (CESA-2014:0474)NessusCentOS Local Security Checks
high
73919Apache Struts ClassLoader ManipulationNessusDenial of Service
high
73907Scientific Linux Security Update : struts on SL5.x i386/x86_64 (20140507)NessusScientific Linux Local Security Checks
high
73901RHEL 5 : struts (RHSA-2014:0474)NessusRed Hat Local Security Checks
high