Security News > 2024 > September > Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
2024-09-06 10:01

For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an open-source suite for enterprise resource planning (ERP), which contains web applications for human resources management, customer relationship management, accounting, marketing, etc. “Apache OFBiz is used by numerous large organizations, and previously disclosed vulnerabilities for it have … More → The post Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2024/09/06/cve-2024-45195/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-09-04 CVE-2024-45195 Forced Browsing vulnerability in Apache Ofbiz
Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue.
network
low complexity
apache CWE-425
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apache 304 61 868 662 307 1898