It was found that Apache Karaf listens on a shutdown socket that stops the server when it receives the shutdown command. By default the socket is bound to a random high port and listens only on the loopback interface. The random port is not a protection by itself: a local attacker who knows the shutdown command can send it to every listening high port on the loopback interface and shut down the Karaf server.
Acknowledgements: This issue was discovered by David Jorm of Red Hat Product Security.
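As an added example, not code from Karaf, Red Hat or the reporter, the following Python script is a local check an administrator could run against a Karaf etc/config.properties to flag the configuration this issue depends on. The property names karaf.shutdown.host, karaf.shutdown.port, karaf.shutdown.command and karaf.shutdown.port.file are the ones Karaf reads from that file; treating an unset, short or literal "SHUTDOWN" command as guessable, the value -1 as disabling the socket, and the 16-character threshold are assumptions of this example, and both configuration samples are constructed.

```python
"""Audit an Apache Karaf etc/config.properties for a weak shutdown socket.

Added example, not Karaf's own code.  Assumptions: an unset, empty, short or
literal "SHUTDOWN" karaf.shutdown.command is guessable by any local user; a
karaf.shutdown.port of -1 disables the socket; a host other than loopback
exposes the socket on the network.
"""
import re
import secrets

ASSUMED_DEFAULT_COMMAND = "SHUTDOWN"   # assumed fallback when no command is configured
MIN_COMMAND_LEN = 16                   # assumed threshold for "not guessable"
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

_KV = re.compile(r"([^=:\s]+)\s*[=:]?\s*(.*)")


def parse_properties(text: str) -> dict:
    """Minimal Java .properties reader: '#'/'!' comments, key=value or key:value,
    and backslash line continuations.  Commented-out keys are NOT set, which is
    how a Karaf installation falls back to its built-in defaults."""
    props, buf = {}, None
    for raw in text.splitlines():
        line = raw if buf is None else buf + raw.lstrip()
        if line.endswith("\\"):
            buf = line[:-1]
            continue
        buf = None
        stripped = line.strip()
        if not stripped or stripped[0] in "#!":
            continue
        m = _KV.match(stripped)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props


def audit_shutdown_socket(props: dict) -> list:
    """Return a list of findings; an empty list means nothing weak was found."""
    host = props.get("karaf.shutdown.host", "localhost")
    port = props.get("karaf.shutdown.port", "0")
    command = props.get("karaf.shutdown.command", "")
    findings = []
    if port == "-1":                   # assumed: -1 disables the shutdown socket entirely
        return findings
    if host not in LOOPBACK:
        findings.append(f"shutdown socket bound to {host!r}: reachable from the network")
    if command in ("", ASSUMED_DEFAULT_COMMAND) or len(command) < MIN_COMMAND_LEN:
        findings.append("shutdown command is unset, default or short: a local user can send "
                        "it to every listening loopback port, so the random port is no defence")
    return findings


def hardened_settings(props: dict) -> dict:
    """Copy of props with the socket pinned to loopback and a fresh random command;
    a secret command is what makes the random port meaningful."""
    fixed = dict(props)
    fixed["karaf.shutdown.host"] = "localhost"
    fixed["karaf.shutdown.command"] = secrets.token_hex(16)
    return fixed


# Constructed samples, not taken from any real installation.
WEAK_CONFIG = """\
# Shutdown socket: commented keys fall back to Karaf's built-in defaults
# karaf.shutdown.host = localhost
# karaf.shutdown.port = 0
karaf.shutdown.command =
karaf.shutdown.port.file = ${karaf.data}/port
"""

HARDENED_CONFIG = """\
karaf.shutdown.host = localhost
karaf.shutdown.port = 0
karaf.shutdown.command = 9f1c0e5b4a4b8e9a7d2c6f1e8d0a11b3
karaf.shutdown.port.file = ${karaf.data}/port
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_shutdown_socket(parse_properties(cfg)) or "ok")
```

Run it against the real file with `parse_properties(open("etc/config.properties").read())`; the check deliberately ignores the port value, because the point of the issue is that a random port on loopback only helps when the command itself is unguessable.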