New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
2024-01-11 14:16

Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (


News URL

https://thehackernews.com/2024/01/new-poc-exploit-for-apache-ofbiz.html

Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-26 | CVE-2023-51467 | Server-Side Request Forgery (SSRF) vulnerability in Apache Ofbiz. The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code. (network, low complexity, apache, CWE-918) | critical, 9.8 |

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apache 281 13 549 713 367 1642