CVE-2014-0114

HIGH

Description

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.

References

http://advisories.mageia.org/MGASA-2014-0219.html

http://apache-ignite-developers.2346864.n4.nabble.com/CVE-2014-0114-Apache-Ignite-is-vulnerable-to-existing-CVE-2014-0114-td31205.html

http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html

http://marc.info/?l=bugtraq&m=140119284401582&w=2

http://marc.info/?l=bugtraq&m=140801096002766&w=2

http://marc.info/?l=bugtraq&m=141451023707502&w=2

http://openwall.com/lists/oss-security/2014/06/15/10

http://openwall.com/lists/oss-security/2014/07/08/1

http://seclists.org/fulldisclosure/2014/Dec/23

http://secunia.com/advisories/57477

http://secunia.com/advisories/58710

http://secunia.com/advisories/58851

http://secunia.com/advisories/58947

http://secunia.com/advisories/59014

http://secunia.com/advisories/59118

http://secunia.com/advisories/59228

http://secunia.com/advisories/59245

http://secunia.com/advisories/59246

http://secunia.com/advisories/59430

http://secunia.com/advisories/59464

http://secunia.com/advisories/59479

http://secunia.com/advisories/59480

http://secunia.com/advisories/59704

http://secunia.com/advisories/59718

http://secunia.com/advisories/60177

http://secunia.com/advisories/60703

http://www-01.ibm.com/support/docview.wss?uid=swg21674128

http://www-01.ibm.com/support/docview.wss?uid=swg21674812

http://www-01.ibm.com/support/docview.wss?uid=swg21675266

http://www-01.ibm.com/support/docview.wss?uid=swg21675387

http://www-01.ibm.com/support/docview.wss?uid=swg21675689

http://www-01.ibm.com/support/docview.wss?uid=swg21675898

http://www-01.ibm.com/support/docview.wss?uid=swg21675972

http://www-01.ibm.com/support/docview.wss?uid=swg21676091

http://www-01.ibm.com/support/docview.wss?uid=swg21676110

http://www-01.ibm.com/support/docview.wss?uid=swg21676303

http://www-01.ibm.com/support/docview.wss?uid=swg21676375

http://www-01.ibm.com/support/docview.wss?uid=swg21676931

http://www-01.ibm.com/support/docview.wss?uid=swg21677110

http://www-01.ibm.com/support/docview.wss?uid=swg27042296

http://www.debian.org/security/2014/dsa-2940

http://www.ibm.com/support/docview.wss?uid=swg21675496

http://www.mandriva.com/security/advisories?name=MDVSA-2014:095

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/bid/67121

http://www.vmware.com/security/advisories/VMSA-2014-0008.html

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

https://access.redhat.com/errata/RHSA-2018:2669

https://access.redhat.com/solutions/869353

https://bugzilla.redhat.com/show_bug.cgi?id=1091938

https://bugzilla.redhat.com/show_bug.cgi?id=1116665

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

https://issues.apache.org/jira/browse/BEANUTILS-463

https://lists.apache.org/thread.html/[email protected]%3Cdevnull.infra.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.pulsar.apache.org%3E

https://security.gentoo.org/glsa/201607-09

https://security.netapp.com/advisory/ntap-20140911-0001/

https://security.netapp.com/advisory/ntap-20180629-0006/

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

Details

Source: MITRE

Published: 2014-04-30

Updated: 2019-03-29

Type: CWE-20

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH