← volver
CVE-2023-51467

Apache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability

EPSS 96.0%
The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code
Productos afectados
Apache Software Foundation · Apache OFBiz

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://issues.apache.org/jira/browse/OFBIZ-12873https://lists.apache.org/thread/9tmf9qyyhgh6m052rhz7lg9vxn390bdvhttps://lists.apache.org/thread/oj2s6objhdq72t6g29omqpcbd1wlp48ohttps://ofbiz.apache.org/download.htmlhttps://ofbiz.apache.org/release-notes-18.12.11.htmlhttps://ofbiz.apache.org/security.htmlhttps://www.openwall.com/lists/oss-security/2023/12/26/3https://www.vicarius.io/vsociety/posts/apache-ofbiz-authentication-bypass-vulnerability-cve-2023-49070-and-cve-2023-51467