0day vulnerability CVE-2023-51467 in Apache OFBiz caused cyber attacks with access interception

Brother
You should update as soon as possible to avoid leaks of corporate information.

A critical zero-day vulnerability has been discovered in the Apache OFBiz system, which is widely used for enterprise resource planning (ERP). It allows authentication to be bypassed and exposes many enterprises to a real risk of cyber attacks.

SonicWall discovered the vulnerability, tracked as CVE-2023-51467. The problem lies in the login function and is the result of an incomplete fix for the previous critical vulnerability CVE-2023-49070, which was patched earlier this month.

CVE-2023-49070 is a vulnerability that allows remote code execution without authentication. It affects versions prior to 18.12.10 and can lead to full control of the server and theft of confidential data. The problem is caused by an outdated XML-RPC component in Apache OFBiz.

CVE-2023-51467 is triggered by sending empty or invalid USERNAME and PASSWORD parameters in an HTTP request, which results in a successful authentication message. This allows attackers to gain access to internal resources.

The attack depends on the "requirePasswordChange" parameter being set to "Y" (yes) in the URL, which bypasses authentication regardless of the username and password provided.
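As an added example (not part of the original post), the request pattern just described can be turned into a simple retrospective check over web-server access logs: any request that carries requirePasswordChange=Y together with an empty or missing USERNAME or PASSWORD is worth investigating. The log lines are constructed, and the /webtools/control/login path is an assumption about the OFBiz login endpoint.

```python
"""Flag access-log requests matching the CVE-2023-51467 pattern from the post above.

Added example, not code from the original post or from Apache OFBiz. The log
lines below are constructed; the login path is an assumed endpoint.
"""
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines in combined-log style.
SAMPLE_LOG = """\
203.0.113.5 - - [26/Dec/2023:10:01:02 +0000] "POST /webtools/control/login?USERNAME=&PASSWORD=&requirePasswordChange=Y HTTP/1.1" 200 512
198.51.100.7 - - [26/Dec/2023:10:01:09 +0000] "GET /webtools/control/login?USERNAME=admin&PASSWORD=hunter2 HTTP/1.1" 200 1024
198.51.100.7 - - [26/Dec/2023:10:02:11 +0000] "GET /webtools/control/main HTTP/1.1" 302 0
203.0.113.5 - - [26/Dec/2023:10:03:30 +0000] "POST /webtools/control/login?requirePasswordChange=Y HTTP/1.1" 200 512
"""

# Minimal parser for the fields we need from a combined-log line.
REQ_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def is_bypass_attempt(target: str) -> bool:
    """True when the request URL has requirePasswordChange=Y and an empty or
    absent USERNAME/PASSWORD, the combination described in the post."""
    # keep_blank_values=True is essential: parse_qs drops "USERNAME=" otherwise.
    qs = parse_qs(urlsplit(target).query, keep_blank_values=True)
    if qs.get("requirePasswordChange", [""])[0].upper() != "Y":
        return False
    user = qs.get("USERNAME", [""])[0]
    pwd = qs.get("PASSWORD", [""])[0]
    return user == "" or pwd == ""

def scan_log(text: str) -> list[dict]:
    """Return the parsed fields of every log line that matches the pattern."""
    hits = []
    for line in text.splitlines():
        m = REQ_RE.match(line)
        if m and is_bypass_attempt(m["target"]):
            hits.append(m.groupdict())
    return hits

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} {hit['method']} {hit['target']} -> {hit['status']}")
```

This only sees parameters that appear in the request URL; credentials sent in a POST body are not recorded in a standard access log, so treat a missing USERNAME in a POST line as a weaker signal than an explicitly empty one.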

The US National Vulnerability Database (NVD) indicates that the vulnerability allows authentication to be bypassed and also exposes the system to server-side request forgery (SSRF).

Users of the Apache OFBiz system are strongly encouraged to upgrade to version 18.12.11 or later to eliminate potential threats.