All the vulnerabilites related to Apache Software Foundation - Apache OFBiz
cve-2024-47208
Vulnerability from cvelistv5
Published
2024-11-18 08:43
Modified
2024-11-19 14:59
Severity ?
EPSS score ?
Summary
Apache OFBiz: URLs allowing remote use of Groovy expressions, leading to RCE
References
| ▼ | URL | Tags |
|---|---|---|
| https://ofbiz.apache.org/download.html | mitigation, product, release-notes | |
| https://ofbiz.apache.org/security.html | patch | |
| https://issues.apache.org/jira/browse/OFBIZ-13158 | issue-tracking | |
| https://lists.apache.org/thread/022r19skfofhv3lzql33vowlrvqndh11 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-18T09:03:46.416Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/16/3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-47208",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T14:57:40.485280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T14:59:02.765Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.17",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u5b59\u76f8 (Sun Xiang)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eServer-Side Request Forgery (SSRF), Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Apache OFBiz.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OFBiz: before 18.12.17.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 18.12.17, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF), Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.17.\n\nUsers are recommended to upgrade to version 18.12.17, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T08:43:17.743Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation",
"product",
"release-notes"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"patch"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-13158"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/022r19skfofhv3lzql33vowlrvqndh11"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: URLs allowing remote use of Groovy expressions, leading to RCE",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-47208",
"datePublished": "2024-11-18T08:43:17.743Z",
"dateReserved": "2024-09-21T11:29:47.639Z",
"dateUpdated": "2024-11-19T14:59:02.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-23946
Vulnerability from cvelistv5
Published
2024-02-28 15:44
Modified
2024-08-13 18:55
Severity ?
EPSS score ?
Summary
Apache OFBiz: Path traversal or file inclusion
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:13:08.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"mitigation",
"x_transferred"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.12.html"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-12884"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/w4lp5ncpzttf41hn5bsc04mzq4o6lw3g"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/02/28/9"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ofbiz",
"vendor": "apache",
"versions": [
{
"lessThan": "18.12.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23946",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T18:54:20.773101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T18:55:27.477Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arun Shaji from trendmicro.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Possible path traversal in Apache OFBiz allowing file inclusion.\u003cbr\u003eUsers are recommended to upgrade to version 18.12.12, that fixes the issue."
}
],
"value": "Possible path traversal in Apache OFBiz allowing file inclusion.\nUsers are recommended to upgrade to version 18.12.12, that fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "critical"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-28T15:44:41.714Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.12.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-12884"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/w4lp5ncpzttf41hn5bsc04mzq4o6lw3g"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/28/9"
}
],
"source": {
"advisory": "https://ofbiz.apache.org/security.html",
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: Path traversal or file inclusion",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-23946",
"datePublished": "2024-02-28T15:44:41.714Z",
"dateReserved": "2024-01-24T11:56:35.708Z",
"dateUpdated": "2024-08-13T18:55:27.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-47501
Vulnerability from cvelistv5
Published
2023-04-14 15:01
Modified
2024-10-17 20:33
Severity ?
EPSS score ?
Summary
Apache OFBiz: Arbitrary file reading vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:55:08.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/k8s76l0whydy45bfm4b69vq0mf94p3wc"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/04/18/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/04/18/9"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/04/19/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/04/19/6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ofbiz",
"vendor": "apache",
"versions": [
{
"lessThan": "18.12.07",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-47501",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T20:32:14.557500Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T20:33:20.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.07",
"status": "affected",
"version": "18.12.06",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Skay \u003clhcaomail@gmail.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a\u0026nbsp;\npre-authentication attack.\u003cbr\u003e\u003cp\u003eThis issue affects Apache OFBiz: before 18.12.07.\u003c/p\u003e"
}
],
"value": "Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a\u00a0\npre-authentication attack.\nThis issue affects Apache OFBiz: before 18.12.07.\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-14T15:01:31.987Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/k8s76l0whydy45bfm4b69vq0mf94p3wc"
},
{
"tags": [
"release-notes"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/18/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/18/9"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/19/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/19/6"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nUpgrade to release 18.12.07\n\n\u003cbr\u003e"
}
],
"value": "\nUpgrade to release 18.12.07\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: Arbitrary file reading vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-47501",
"datePublished": "2023-04-14T15:01:31.987Z",
"dateReserved": "2022-12-15T11:47:41.571Z",
"dateUpdated": "2024-10-17T20:33:20.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-48962
Vulnerability from cvelistv5
Published
2024-11-18 08:41
Modified
2024-11-21 15:34
Severity ?
EPSS score ?
Summary
Apache OFBiz: Bypass SameSite restrictions with target redirection using URL parameters (SSTI and CSRF leading to RCE)
References
| ▼ | URL | Tags |
|---|---|---|
| https://ofbiz.apache.org/download.html | mitigation, release-notes, product | |
| https://ofbiz.apache.org/security.html | patch | |
| https://issues.apache.org/jira/browse/OFBIZ-13162 | issue-tracking | |
| https://lists.apache.org/thread/6sddh4pts90cp8ktshqb4xykdp6lb6q6 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-18T09:03:47.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/16/2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "ofbiz",
"vendor": "apache",
"versions": [
{
"lessThan": "18.12.17",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-48962",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T15:43:23.785657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T15:34:27.275Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.17",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sebastiano Sartor \u003cs@sebsrt.xyz\u003e"
},
{
"lang": "en",
"type": "finder",
"value": "Ryan \u003cmarimoo.eth@gmail.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Control of Generation of Code (\u0027Code Injection\u0027), Cross-Site Request Forgery (CSRF), : Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OFBiz: before 18.12.17.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 18.12.17, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027), Cross-Site Request Forgery (CSRF), : Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.17.\n\nUsers are recommended to upgrade to version 18.12.17, which fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T08:41:30.545Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation",
"release-notes",
"product"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"patch"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-13162"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/6sddh4pts90cp8ktshqb4xykdp6lb6q6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache OFBiz: Bypass SameSite restrictions with target redirection using URL parameters (SSTI and CSRF leading to RCE)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-48962",
"datePublished": "2024-11-18T08:41:30.545Z",
"dateReserved": "2024-10-10T06:25:35.776Z",
"dateUpdated": "2024-11-21T15:34:27.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-45507
Vulnerability from cvelistv5
Published
2024-09-04 08:08
Modified
2024-09-13 03:55
Severity ?
EPSS score ?
Summary
Apache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE
References
| ▼ | URL | Tags |
|---|---|---|
| https://ofbiz.apache.org/download.html | mitigation, product, release-notes | |
| https://ofbiz.apache.org/security.html | patch | |
| https://issues.apache.org/jira/browse/OFBIZ-13132 | issue-tracking | |
| https://lists.apache.org/thread/o90dd9lbk1hh3t2557t2y2qvrh92p7wy | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-09-04T09:03:02.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/09/03/7"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache_software_foundation:apache_ofbiz:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apache_ofbiz",
"vendor": "apache_software_foundation",
"versions": [
{
"lessThan": "18.12.16",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45507",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T03:55:20.597Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u5b59\u76f8 (Sun Xiang)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eServer-Side Request Forgery (SSRF), Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Apache OFBiz.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OFBiz: before 18.12.16.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 18.12.16, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF), Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.16.\n\nUsers are recommended to upgrade to version 18.12.16, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T08:08:33.876Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation",
"product",
"release-notes"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"patch"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-13132"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/o90dd9lbk1hh3t2557t2y2qvrh92p7wy"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-45507",
"datePublished": "2024-09-04T08:08:33.876Z",
"dateReserved": "2024-09-01T14:10:41.649Z",
"dateUpdated": "2024-09-13T03:55:20.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-49070
Vulnerability from cvelistv5
Published
2023-12-05 08:05
Modified
2024-08-19 07:48
Severity ?
EPSS score ?
Summary
Pre-auth RCE in Apache Ofbiz 18.12.09 due to XML-RPC still present
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-19T07:48:13.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"mitigation",
"x_transferred"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.10.html"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-12812"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/jmbqk2lp4t4483whzndp5xqlq4f3otg3"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176323/Apache-OFBiz-18.12.09-Remote-Code-Execution.html"
},
{
"url": "https://www.vicarius.io/vsociety/posts/apache-ofbiz-authentication-bypass-vulnerability-cve-2023-49070-and-cve-2023-51467"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Siebene@"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nPre-auth RCE in Apache Ofbiz 18.12.09.\u003cbr\u003e\u003cbr\u003eIt\u0027s due to XML-RPC\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eno longer maintained\u003c/span\u003e\u0026nbsp;still present.\u003cbr\u003e\u003cp\u003eThis issue affects Apache OFBiz: before 18.12.10.\u0026nbsp;\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers are recommended to upgrade to version 18.12.10\u003c/span\u003e\u003c/p\u003e\n\n"
}
],
"value": "\nPre-auth RCE in Apache Ofbiz 18.12.09.\n\nIt\u0027s due to XML-RPC\u00a0no longer maintained\u00a0still present.\nThis issue affects Apache OFBiz: before 18.12.10.\u00a0\nUsers are recommended to upgrade to version 18.12.10\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-05T08:05:06.966Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.10.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-12812"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/jmbqk2lp4t4483whzndp5xqlq4f3otg3"
},
{
"url": "http://packetstormsecurity.com/files/176323/Apache-OFBiz-18.12.09-Remote-Code-Execution.html"
}
],
"source": {
"defect": [
"OFBIZ-12812"
],
"discovery": "EXTERNAL"
},
"title": "Pre-auth RCE in Apache Ofbiz 18.12.09 due to XML-RPC still present",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-49070",
"datePublished": "2023-12-05T08:05:06.966Z",
"dateReserved": "2023-11-21T12:04:43.559Z",
"dateUpdated": "2024-08-19T07:48:13.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-29063
Vulnerability from cvelistv5
Published
2022-09-02 07:10
Modified
2024-08-03 06:10
Severity ?
EPSS score ?
Summary
Java Deserialization via RMI Connection from the Solr plugin of Apache OFBiz
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/ytzrjc16pf357zntwk8tjby13kbx9105 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2022/09/02/6 | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:10:59.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/ytzrjc16pf357zntwk8tjby13kbx9105"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Java Deserialization via RMI Connection (CVE-2022-29063)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "18.12.05",
"status": "affected",
"version": "Apache OFBiz",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Matei \"Mal\" Badanoiu"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run arbitrary code. Upgrade to at least 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12646."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-02T11:06:11",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/ytzrjc16pf357zntwk8tjby13kbx9105"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Java Deserialization via RMI Connection (CVE-2022-29063)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Java Deserialization via RMI Connection from the Solr plugin of Apache OFBiz",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-29063",
"STATE": "PUBLIC",
"TITLE": "Java Deserialization via RMI Connection from the Solr plugin of Apache OFBiz"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OFBiz",
"version_value": "18.12.05"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Matei \"Mal\" Badanoiu"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run arbitrary code. Upgrade to at least 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12646."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/ytzrjc16pf357zntwk8tjby13kbx9105",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/ytzrjc16pf357zntwk8tjby13kbx9105"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Java Deserialization via RMI Connection (CVE-2022-29063)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/6"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-29063",
"datePublished": "2022-09-02T07:10:19",
"dateReserved": "2022-04-11T00:00:00",
"dateUpdated": "2024-08-03T06:10:59.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-32113
Vulnerability from cvelistv5
Published
2024-05-08 14:50
Modified
2024-08-08 03:55
Severity ?
EPSS score ?
Summary
Apache OFBiz: Path traversal leading to RCE
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "ofbiz",
"vendor": "apache",
"versions": [
{
"lessThan": "18.12.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32113",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-08-07",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T03:55:22.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-08-07T00:00:00+00:00",
"value": "CVE-2024-32113 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:06:44.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"mitigation",
"x_transferred"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-13006"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/w6s60okgkxp2th1sr8vx0ndmgk68fqrd"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/05/09/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Qiyi Zhang (RacerZ) @secsys from Fudan"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Apache OFBiz.\u003cp\u003eThis issue affects Apache OFBiz: before 18.12.13.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 18.12.13, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Apache OFBiz.This issue affects Apache OFBiz: before 18.12.13.\n\nUsers are recommended to upgrade to version 18.12.13, which fixes the issue.\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T14:50:07.272Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-13006"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/w6s60okgkxp2th1sr8vx0ndmgk68fqrd"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/09/1"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: Path traversal leading to RCE",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-32113",
"datePublished": "2024-05-08T14:50:07.272Z",
"dateReserved": "2024-04-11T06:42:13.766Z",
"dateUpdated": "2024-08-08T03:55:22.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-25065
Vulnerability from cvelistv5
Published
2024-02-28 15:42
Modified
2024-08-29 14:51
Severity ?
EPSS score ?
Summary
Apache OFBiz: Path traversal allowing authentication bypass.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"mitigation",
"x_transferred"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.12.html"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-12887"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/rplfjp7ppn9ro49oo7jsrpj99m113lfc"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/02/28/10"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ofbiz",
"vendor": "apache",
"versions": [
{
"lessThan": "18.12.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25065",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T14:49:41.208173Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T14:51:06.310Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "YunPeng - \u90ed \u8fd0\u9e4f \u003cpuata123@outlook.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nPossible path traversal in Apache OFBiz allowing authentication bypass.\u003cbr\u003eUsers are recommended to upgrade to version 18.12.12, that fixes the issue.\n\n"
}
],
"value": "\nPossible path traversal in Apache OFBiz allowing authentication bypass.\nUsers are recommended to upgrade to version 18.12.12, that fixes the issue.\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "critical"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Path traversal allowing authentication bypass.",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-28T15:42:50.448Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.12.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-12887"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/rplfjp7ppn9ro49oo7jsrpj99m113lfc"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/28/10"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: Path traversal allowing authentication bypass.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-25065",
"datePublished": "2024-02-28T15:42:50.448Z",
"dateReserved": "2024-02-04T08:22:51.943Z",
"dateUpdated": "2024-08-29T14:51:06.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6800
Vulnerability from cvelistv5
Published
2017-08-30 17:00
Modified
2024-09-16 16:34
Severity ?
EPSS score ?
Summary
The default configuration of the Apache OFBiz framework offers a blog functionality. Different users are able to operate blogs which are related to specific parties. In the form field for the creation of new blog articles the user input of the summary field as well as the article field is not properly sanitized. It is possible to inject arbitrary JavaScript code in these form fields. This code gets executed from the browser of every user who is visiting this article. Mitigation: Upgrade to Apache OFBiz 16.11.01.
References
| ▼ | URL | Tags |
|---|---|---|
| https://s.apache.org/Owsz | mailing-list, x_refsource_MLIST | |
| https://lists.apache.org/thread.html/28987cffe0237fa67eca9de8bbbc04a917ac8785342ad9e5a196c978%40%3Cuser.ofbiz.apache.org%3E | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[www-announce] 20161129 [SECURITY] CVE-2016-6800 Apache OFBiz blog stored XSS vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://s.apache.org/Owsz"
},
{
"name": "[ofbiz-user] 20191016 Re: Multi Tenancy Support",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/28987cffe0237fa67eca9de8bbbc04a917ac8785342ad9e5a196c978%40%3Cuser.ofbiz.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "13.07.*"
},
{
"status": "affected",
"version": "12.04.*"
},
{
"status": "affected",
"version": "11.04.*"
}
]
}
],
"datePublic": "2016-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of the Apache OFBiz framework offers a blog functionality. Different users are able to operate blogs which are related to specific parties. In the form field for the creation of new blog articles the user input of the summary field as well as the article field is not properly sanitized. It is possible to inject arbitrary JavaScript code in these form fields. This code gets executed from the browser of every user who is visiting this article. Mitigation: Upgrade to Apache OFBiz 16.11.01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-16T19:06:12",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[www-announce] 20161129 [SECURITY] CVE-2016-6800 Apache OFBiz blog stored XSS vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://s.apache.org/Owsz"
},
{
"name": "[ofbiz-user] 20191016 Re: Multi Tenancy Support",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/28987cffe0237fa67eca9de8bbbc04a917ac8785342ad9e5a196c978%40%3Cuser.ofbiz.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2016-11-29T00:00:00",
"ID": "CVE-2016-6800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_value": "13.07.*"
},
{
"version_value": "12.04.*"
},
{
"version_value": "11.04.*"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of the Apache OFBiz framework offers a blog functionality. Different users are able to operate blogs which are related to specific parties. In the form field for the creation of new blog articles the user input of the summary field as well as the article field is not properly sanitized. It is possible to inject arbitrary JavaScript code in these form fields. This code gets executed from the browser of every user who is visiting this article. Mitigation: Upgrade to Apache OFBiz 16.11.01."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[www-announce] 20161129 [SECURITY] CVE-2016-6800 Apache OFBiz blog stored XSS vulnerability",
"refsource": "MLIST",
"url": "https://s.apache.org/Owsz"
},
{
"name": "[ofbiz-user] 20191016 Re: Multi Tenancy Support",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/28987cffe0237fa67eca9de8bbbc04a917ac8785342ad9e5a196c978@%3Cuser.ofbiz.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2016-6800",
"datePublished": "2017-08-30T17:00:00Z",
"dateReserved": "2016-08-12T00:00:00",
"dateUpdated": "2024-09-16T16:34:06.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-50968
Vulnerability from cvelistv5
Published
2023-12-26 11:45
Modified
2024-08-02 22:23
Severity ?
EPSS score ?
Summary
Apache OFBiz: Arbitrary file properties reading and SSRF attack
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:23:44.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"mitigation",
"x_transferred"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.11.html"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-12875"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/x5now4bk3llwf3k58kl96qvtjyxwp43q"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/26/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "18.12.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yun Peng - \u90ed \u8fd0\u9e4f \u003cpuata123@outlook.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eArbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations.\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThe same uri can be operated to realize a SSRF attack also without authorizations.\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003eUsers are recommended to upgrade to version 18.12.11, which fixes this issue."
}
],
"value": "Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations.\n\nThe same uri can be operated to realize a SSRF attack also without authorizations.\n\nUsers are recommended to upgrade to version 18.12.11, which fixes this issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-26T11:45:55.393Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.11.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-12875"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/x5now4bk3llwf3k58kl96qvtjyxwp43q"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/26/2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: Arbitrary file properties reading and SSRF attack",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-50968",
"datePublished": "2023-12-26T11:45:55.393Z",
"dateReserved": "2023-12-17T12:58:11.842Z",
"dateUpdated": "2024-08-02T22:23:44.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-45195
Vulnerability from cvelistv5
Published
2024-09-04 08:08
Modified
2024-09-06 14:25
Severity ?
EPSS score ?
Summary
Apache OFBiz: Confused controller-view authorization logic (forced browsing)
References
| ▼ | URL | Tags |
|---|---|---|
| https://ofbiz.apache.org/download.html | mitigation, product, release-notes | |
| https://ofbiz.apache.org/security.html | patch | |
| https://issues.apache.org/jira/browse/OFBIZ-13130 | issue-tracking | |
| https://lists.apache.org/thread/o90dd9lbk1hh3t2557t2y2qvrh92p7wy | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-09-04T09:03:00.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/09/03/6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "ofbiz",
"vendor": "apache",
"versions": [
{
"lessThan": "18.12.16",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45195",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T03:55:18.539086Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T14:25:24.280Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.16",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "shin24 from National Cyber Security Vietnam"
},
{
"lang": "en",
"type": "finder",
"value": "LuanPV from National Cyber Security Vietnam"
},
{
"lang": "en",
"type": "finder",
"value": "Ryan Emmons, Lead Security Researcher at Rapid7"
},
{
"lang": "en",
"type": "finder",
"value": "Hasib Vhora, Senior Threat Researcher, SonicWall"
},
{
"lang": "en",
"type": "finder",
"value": "Xenc from SGLAB of Legendsec at Qi\u0027anxin Group"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDirect Request (\u0027Forced Browsing\u0027) vulnerability in Apache OFBiz.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OFBiz: before 18.12.16.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 18.12.16, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Direct Request (\u0027Forced Browsing\u0027) vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.16.\n\nUsers are recommended to upgrade to version 18.12.16, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-425",
"description": "CWE-425 Direct Request (\u0027Forced Browsing\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T08:08:59.201Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation",
"product",
"release-notes"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"patch"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-13130"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/o90dd9lbk1hh3t2557t2y2qvrh92p7wy"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: Confused controller-view authorization logic (forced browsing)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-45195",
"datePublished": "2024-09-04T08:08:59.201Z",
"dateReserved": "2024-08-22T15:19:27.892Z",
"dateUpdated": "2024-09-06T14:25:24.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4462
Vulnerability from cvelistv5
Published
2017-08-30 17:00
Modified
2024-09-17 00:30
Severity ?
EPSS score ?
Summary
By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to Apache OFBiz 16.11.01
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.net/ml/dev.ofbiz.apache.org/2016-11/msg00180.html | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[www-announce] 20161129 [SECURITY] CVE-2016-4462 OFBiz template remote code vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://git.net/ml/dev.ofbiz.apache.org/2016-11/msg00180.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "13.07.*"
},
{
"status": "affected",
"version": "12.04.*"
},
{
"status": "affected",
"version": "11.04.*"
}
]
}
],
"datePublic": "2016-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to Apache OFBiz 16.11.01"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-30T16:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[www-announce] 20161129 [SECURITY] CVE-2016-4462 OFBiz template remote code vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://git.net/ml/dev.ofbiz.apache.org/2016-11/msg00180.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2016-11-29T00:00:00",
"ID": "CVE-2016-4462",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_value": "13.07.*"
},
{
"version_value": "12.04.*"
},
{
"version_value": "11.04.*"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to Apache OFBiz 16.11.01"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[www-announce] 20161129 [SECURITY] CVE-2016-4462 OFBiz template remote code vulnerability",
"refsource": "MLIST",
"url": "http://git.net/ml/dev.ofbiz.apache.org/2016-11/msg00180.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2016-4462",
"datePublished": "2017-08-30T17:00:00Z",
"dateReserved": "2016-05-02T00:00:00",
"dateUpdated": "2024-09-17T00:30:36.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-37608
Vulnerability from cvelistv5
Published
2021-08-18 07:50
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
Arbitrary file upload vulnerability in OFBiz
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:23:01.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"name": "[ofbiz-notifications] 20210827 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8d824c1491f552da820ef181b7b2d0541410b3a8748b7906265bbb03%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210827 [jira] [Created] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rca5b167748f0d04816747d68c4ceb7afff9b7b7556211793847d3382%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210902 [jira] [Assigned] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re438aa1054c22eb65f2a047c337259e3b421a30b4ef11afb28c36b93%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210903 [ofbiz-framework] branch release18.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rae6c5ec2c5fc00cbc75612ab6d94a8cc0d02603228cab6316f2b858e%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210903 [ofbiz-framework] branch release17.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r23d04e9c477c3547f6cc87f11626899617927053bbac15b72645ac7b%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210903 [ofbiz-framework] branch trunk updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5899ec8324d961863e162b75679309ba4ebe9dbd79cd28edbaafcdca%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210903 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r164c91c47d638869c38e41b3ce501ecaa71f385939f098b2e04df049%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210903 [jira] [Closed] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r21f76ccb0fca2e2b236328d91b9d4b760352fae6293d5275f1c25a3a%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210904 [jira] [Comment Edited] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdfab8e1df42888416e2705acc86b32e1ea0a03a131ed3ea4ff38f4af%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210904 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc40120f33e38f51fc1036c6572094d44cb19d73aa8d40142165ed92d%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210917 [ofbiz-framework] branch release18.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb4024165b7ef0428761aa0c334d44bf8bd05b533310589ee30e3b6e1%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210917 [ofbiz-framework] branch release17.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/radf6d421ec20c9e6d738155d380514f9ba1c9386c5500bda2c9429aa%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210917 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfd639ca63c8a80534b65623d9c6068859d17e2dfaaeb00a24e9fec9c%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210917 [ofbiz-framework] branch trunk updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5b7e87f970d678f819263b35b7179f0d979f5c0f716d789aec6536f9%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20211014 [jira] [Comment Edited] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra582196fe06566ac4dbd896223f58c379cdb38088df95def41517422%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20211014 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd7d60e3276b8a9a106a6b057d3976fe123beff6c47c17ba5b3090140%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20211015 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3f1046dccb61568ca8d871f4527f274b2a531e0865fbe2c9afbfecce%40%3Cnotifications.ofbiz.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "17.12.07",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Zhujie from Galaxy Security Laboratory \u003cgalaxylab@sina.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands. This issue affects Apache OFBiz version 17.12.07 and prior versions. Upgrade to at least 17.12.08 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12297."
}
],
"metrics": [
{
"other": {
"content": {
"other": "high"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-15T09:06:09",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"name": "[ofbiz-notifications] 20210827 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8d824c1491f552da820ef181b7b2d0541410b3a8748b7906265bbb03%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210827 [jira] [Created] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rca5b167748f0d04816747d68c4ceb7afff9b7b7556211793847d3382%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210902 [jira] [Assigned] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re438aa1054c22eb65f2a047c337259e3b421a30b4ef11afb28c36b93%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210903 [ofbiz-framework] branch release18.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rae6c5ec2c5fc00cbc75612ab6d94a8cc0d02603228cab6316f2b858e%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210903 [ofbiz-framework] branch release17.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r23d04e9c477c3547f6cc87f11626899617927053bbac15b72645ac7b%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210903 [ofbiz-framework] branch trunk updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5899ec8324d961863e162b75679309ba4ebe9dbd79cd28edbaafcdca%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210903 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r164c91c47d638869c38e41b3ce501ecaa71f385939f098b2e04df049%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210903 [jira] [Closed] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r21f76ccb0fca2e2b236328d91b9d4b760352fae6293d5275f1c25a3a%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210904 [jira] [Comment Edited] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdfab8e1df42888416e2705acc86b32e1ea0a03a131ed3ea4ff38f4af%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210904 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc40120f33e38f51fc1036c6572094d44cb19d73aa8d40142165ed92d%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210917 [ofbiz-framework] branch release18.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb4024165b7ef0428761aa0c334d44bf8bd05b533310589ee30e3b6e1%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210917 [ofbiz-framework] branch release17.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/radf6d421ec20c9e6d738155d380514f9ba1c9386c5500bda2c9429aa%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210917 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfd639ca63c8a80534b65623d9c6068859d17e2dfaaeb00a24e9fec9c%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210917 [ofbiz-framework] branch trunk updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5b7e87f970d678f819263b35b7179f0d979f5c0f716d789aec6536f9%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20211014 [jira] [Comment Edited] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra582196fe06566ac4dbd896223f58c379cdb38088df95def41517422%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20211014 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd7d60e3276b8a9a106a6b057d3976fe123beff6c47c17ba5b3090140%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20211015 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3f1046dccb61568ca8d871f4527f274b2a531e0865fbe2c9afbfecce%40%3Cnotifications.ofbiz.apache.org%3E"
}
],
"source": {
"defect": [
"OFBIZ-12297"
],
"discovery": "UNKNOWN"
},
"title": "Arbitrary file upload vulnerability in OFBiz",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-37608",
"STATE": "PUBLIC",
"TITLE": "Arbitrary file upload vulnerability in OFBiz"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "17.12.07"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Zhujie from Galaxy Security Laboratory \u003cgalaxylab@sina.com\u003e"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands. This issue affects Apache OFBiz version 17.12.07 and prior versions. Upgrade to at least 17.12.08 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12297."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "high"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ofbiz.apache.org/security.html",
"refsource": "MISC",
"url": "https://ofbiz.apache.org/security.html"
},
{
"name": "[ofbiz-notifications] 20210827 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8d824c1491f552da820ef181b7b2d0541410b3a8748b7906265bbb03@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210827 [jira] [Created] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rca5b167748f0d04816747d68c4ceb7afff9b7b7556211793847d3382@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210902 [jira] [Assigned] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re438aa1054c22eb65f2a047c337259e3b421a30b4ef11afb28c36b93@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210903 [ofbiz-framework] branch release18.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rae6c5ec2c5fc00cbc75612ab6d94a8cc0d02603228cab6316f2b858e@%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210903 [ofbiz-framework] branch release17.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r23d04e9c477c3547f6cc87f11626899617927053bbac15b72645ac7b@%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210903 [ofbiz-framework] branch trunk updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5899ec8324d961863e162b75679309ba4ebe9dbd79cd28edbaafcdca@%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210903 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r164c91c47d638869c38e41b3ce501ecaa71f385939f098b2e04df049@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210903 [jira] [Closed] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r21f76ccb0fca2e2b236328d91b9d4b760352fae6293d5275f1c25a3a@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210904 [jira] [Comment Edited] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdfab8e1df42888416e2705acc86b32e1ea0a03a131ed3ea4ff38f4af@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210904 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc40120f33e38f51fc1036c6572094d44cb19d73aa8d40142165ed92d@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210917 [ofbiz-framework] branch release18.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb4024165b7ef0428761aa0c334d44bf8bd05b533310589ee30e3b6e1@%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210917 [ofbiz-framework] branch release17.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/radf6d421ec20c9e6d738155d380514f9ba1c9386c5500bda2c9429aa@%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210917 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfd639ca63c8a80534b65623d9c6068859d17e2dfaaeb00a24e9fec9c@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210917 [ofbiz-framework] branch trunk updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5b7e87f970d678f819263b35b7179f0d979f5c0f716d789aec6536f9@%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20211014 [jira] [Comment Edited] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra582196fe06566ac4dbd896223f58c379cdb38088df95def41517422@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20211014 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd7d60e3276b8a9a106a6b057d3976fe123beff6c47c17ba5b3090140@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20211015 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3f1046dccb61568ca8d871f4527f274b2a531e0865fbe2c9afbfecce@%3Cnotifications.ofbiz.apache.org%3E"
}
]
},
"source": {
"defect": [
"OFBIZ-12297"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-37608",
"datePublished": "2021-08-18T07:50:12",
"dateReserved": "2021-07-29T00:00:00",
"dateUpdated": "2024-08-04T01:23:01.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51467
Vulnerability from cvelistv5
Published
2023-12-26 14:46
Modified
2024-08-19 07:48
Severity ?
EPSS score ?
Summary
Apache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-19T07:48:14.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"mitigation",
"x_transferred"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.11.html"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-12873"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/9tmf9qyyhgh6m052rhz7lg9vxn390bdv"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/oj2s6objhdq72t6g29omqpcbd1wlp48o"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/26/3"
},
{
"url": "https://www.vicarius.io/vsociety/posts/apache-ofbiz-authentication-bypass-vulnerability-cve-2023-49070-and-cve-2023-51467"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Hasib Vhora, Senior Threat Researcher, SonicWall "
},
{
"lang": "en",
"type": "finder",
"value": "Gao Tian"
},
{
"lang": "en",
"type": "finder",
"value": "L0ne1y"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability permits attackers to circumvent authentication processes, enabling them to remotely \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eexecute arbitrary code\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003c/span\u003e\u003c/div\u003e"
}
],
"value": "The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "critical"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Pre-authentication Remote Code Execution (RCE) vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-04T09:02:37.085Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.11.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-12873"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/9tmf9qyyhgh6m052rhz7lg9vxn390bdv"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/oj2s6objhdq72t6g29omqpcbd1wlp48o"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/26/3"
}
],
"source": {
"defect": [
"OFBIZ-12873"
],
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-51467",
"datePublished": "2023-12-26T14:46:59.800Z",
"dateReserved": "2023-12-20T12:14:42.522Z",
"dateUpdated": "2024-08-19T07:48:14.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-8033
Vulnerability from cvelistv5
Published
2018-12-13 14:00
Modified
2024-08-05 06:46
Severity ?
EPSS score ?
Summary
In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777%40%3Cuser.ofbiz.apache.org%3E | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:11.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[user] 20181005 [SECURITY] CVE-2018-8033 Apache OFBiz XXE Vulnerability in HttpEngine",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777%40%3Cuser.ofbiz.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache OFBiz 16.11.01 to 16.11.04"
}
]
}
],
"datePublic": "2018-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-13T13:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[user] 20181005 [SECURITY] CVE-2018-8033 Apache OFBiz XXE Vulnerability in HttpEngine",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777%40%3Cuser.ofbiz.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2018-8033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_value": "Apache OFBiz 16.11.01 to 16.11.04"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[user] 20181005 [SECURITY] CVE-2018-8033 Apache OFBiz XXE Vulnerability in HttpEngine",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777@%3Cuser.ofbiz.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2018-8033",
"datePublished": "2018-12-13T14:00:00",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-08-05T06:46:11.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25370
Vulnerability from cvelistv5
Published
2022-09-02 07:10
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
Unauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/vrvzokvxqtc4t6d7g8xgz89xpxcvjofh | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2022/09/02/8 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2022/09/03/1 | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/vrvzokvxqtc4t6d7g8xgz89xpxcvjofh"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Unauth Stored XSS (CVE-2022-25370)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/8"
},
{
"name": "[oss-security] 20220903 Re: Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/03/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "18.12.05",
"status": "affected",
"version": "Apache OFBiz",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Nikita Podotykin from Positive Technologies \u003cnpodotykin@ptsecurity.com\u003e"
},
{
"lang": "en",
"value": "Positive Technologies zeroday \u003czeroday@ptsecurity.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache OFBiz uses the Birt plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142), an unauthenticated malicious user could perform a stored XSS attack in order to inject a malicious payload and execute it using the stored XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-03T14:06:10",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/vrvzokvxqtc4t6d7g8xgz89xpxcvjofh"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Unauth Stored XSS (CVE-2022-25370)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/8"
},
{
"name": "[oss-security] 20220903 Re: Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/03/1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-25370",
"STATE": "PUBLIC",
"TITLE": "Unauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OFBiz",
"version_value": "18.12.05"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Nikita Podotykin from Positive Technologies \u003cnpodotykin@ptsecurity.com\u003e"
},
{
"lang": "eng",
"value": "Positive Technologies zeroday \u003czeroday@ptsecurity.com\u003e"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache OFBiz uses the Birt plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142), an unauthenticated malicious user could perform a stored XSS attack in order to inject a malicious payload and execute it using the stored XSS."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/vrvzokvxqtc4t6d7g8xgz89xpxcvjofh",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/vrvzokvxqtc4t6d7g8xgz89xpxcvjofh"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Unauth Stored XSS (CVE-2022-25370)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/8"
},
{
"name": "[oss-security] 20220903 Re: Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/03/1"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-25370",
"datePublished": "2022-09-02T07:10:16",
"dateReserved": "2022-02-20T00:00:00",
"dateUpdated": "2024-08-03T04:36:06.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36104
Vulnerability from cvelistv5
Published
2024-06-04 07:25
Modified
2024-08-17 03:55
Severity ?
EPSS score ?
Summary
Apache OFBiz: Path traversal leading to a RCE
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache_software_foundation:apache_ofbiz:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "apache_ofbiz",
"vendor": "apache_software_foundation",
"versions": [
{
"lessThan": "18.12.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-36104",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-17T03:55:14.135Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:30:13.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"mitigation",
"x_transferred"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-13092"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/sv0xr8b1j7mmh5p37yldy9vmnzbodz2o"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/03/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "godspeed (AAA@ZJU)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Apache OFBiz.\u0026nbsp;\u003cp\u003eThis issue affects Apache OFBiz: before 18.12.14.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 18.12.14, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Apache OFBiz.\u00a0This issue affects Apache OFBiz: before 18.12.14.\n\nUsers are recommended to upgrade to version 18.12.14, which fixes the issue.\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T07:25:07.746Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-13092"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/sv0xr8b1j7mmh5p37yldy9vmnzbodz2o"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/03/1"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: Path traversal leading to a RCE",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-36104",
"datePublished": "2024-06-04T07:25:07.746Z",
"dateReserved": "2024-05-20T07:10:04.498Z",
"dateUpdated": "2024-08-17T03:55:14.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-30128
Vulnerability from cvelistv5
Published
2021-04-27 19:50
Modified
2024-08-03 22:24
Severity ?
EPSS score ?
Summary
Unsafe deserialization in Apache OFBiz
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:24:59.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12221) Fixed ObjectInputStream denyList [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb82f41de3c44bb644632531f79649046ca76afeab25a2bdb9991ab84%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbe512e5ccd6b11169c6379daa1234bc805f3d53c5a38224e956295ce%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[oss-security] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/27/5"
},
{
"name": "[ofbiz-user] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cuser.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210427 [ofbiz-site] branch master updated: Updates security page for CVE-2021-29200 and 30128 fixed in 17.12.07",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[announce] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cannounce.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210605 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rab718cfe6468085d7560c0c1ae816841e175886199f42e36efb8d735%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210729 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r078351a876ed284ba667b33aba29428d7308a5bd4df78f14a3df6661%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210811 [ofbiz-site] branch master updated: Updates security page for CVE-2021-37608 fixed in 17.12.08",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d%40%3Ccommits.ofbiz.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "17.12.07",
"status": "affected",
"version": "Apache OFBiz",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Apache OFBiz would like to thank Litch1 from the Security Team of Alibaba Cloud \u003clitch1chk@gmail.com\u003e for report"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache OFBiz has unsafe deserialization prior to 17.12.07 version"
}
],
"metrics": [
{
"other": {
"content": {
"other": "High, possible RCE"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Java serialisation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-11T19:06:10",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12221) Fixed ObjectInputStream denyList [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb82f41de3c44bb644632531f79649046ca76afeab25a2bdb9991ab84%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rbe512e5ccd6b11169c6379daa1234bc805f3d53c5a38224e956295ce%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[oss-security] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/27/5"
},
{
"name": "[ofbiz-user] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cuser.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210427 [ofbiz-site] branch master updated: Updates security page for CVE-2021-29200 and 30128 fixed in 17.12.07",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[announce] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cannounce.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210605 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rab718cfe6468085d7560c0c1ae816841e175886199f42e36efb8d735%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210729 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r078351a876ed284ba667b33aba29428d7308a5bd4df78f14a3df6661%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210811 [ofbiz-site] branch master updated: Updates security page for CVE-2021-37608 fixed in 17.12.08",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d%40%3Ccommits.ofbiz.apache.org%3E"
}
],
"source": {
"defect": [
"OFBIZ-12212",
"OFBIZ-12221"
],
"discovery": "UNKNOWN"
},
"title": "Unsafe deserialization in Apache OFBiz",
"workarounds": [
{
"lang": "en",
"value": "Upgrade to at least 17.12.07 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12212 \u0026 OFBIZ-12221\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-30128",
"STATE": "PUBLIC",
"TITLE": "Unsafe deserialization in Apache OFBiz"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Apache OFBiz",
"version_value": "17.12.07"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Apache OFBiz would like to thank Litch1 from the Security Team of Alibaba Cloud \u003clitch1chk@gmail.com\u003e for report"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache OFBiz has unsafe deserialization prior to 17.12.07 version"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "High, possible RCE"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Java serialisation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12221) Fixed ObjectInputStream denyList [CVE-2021-30128]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb82f41de3c44bb644632531f79649046ca76afeab25a2bdb9991ab84@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rbe512e5ccd6b11169c6379daa1234bc805f3d53c5a38224e956295ce@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743@%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[oss-security] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/04/27/5"
},
{
"name": "[ofbiz-user] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743@%3Cuser.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210427 [ofbiz-site] branch master updated: Updates security page for CVE-2021-29200 and 30128 fixed in 17.12.07",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d@%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[announce] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743@%3Cannounce.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210605 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rab718cfe6468085d7560c0c1ae816841e175886199f42e36efb8d735@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210729 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r078351a876ed284ba667b33aba29428d7308a5bd4df78f14a3df6661@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210811 [ofbiz-site] branch master updated: Updates security page for CVE-2021-37608 fixed in 17.12.08",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d@%3Ccommits.ofbiz.apache.org%3E"
}
]
},
"source": {
"defect": [
"OFBIZ-12212",
"OFBIZ-12221"
],
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Upgrade to at least 17.12.07 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12212 \u0026 OFBIZ-12221\n"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-30128",
"datePublished": "2021-04-27T19:50:14",
"dateReserved": "2021-04-05T00:00:00",
"dateUpdated": "2024-08-03T22:24:59.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25371
Vulnerability from cvelistv5
Published
2022-09-02 07:10
Modified
2024-11-20 15:11
Severity ?
EPSS score ?
Summary
Unauth Path Traversal with file corruption affecting the Birt plugin of Apache OFBiz
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/bvp3sczqq863lxr1wh7wjvdtjbkcwspq | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2022/09/02/7 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2022/09/03/1 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2022/09/08/2 | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/bvp3sczqq863lxr1wh7wjvdtjbkcwspq"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/7"
},
{
"name": "[oss-security] 20220903 Re: Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/03/1"
},
{
"name": "[oss-security] 20220908 Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/08/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25371",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-30T16:49:30.632041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T15:11:11.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "18.12.05",
"status": "affected",
"version": "Apache OFBiz",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Nikita Podotykin from Positive Technologies \u003cnpodotykin@ptsecurity.com\u003e"
},
{
"lang": "en",
"value": "Positive Technologies zeroday \u003czeroday@ptsecurity.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache OFBiz uses the Birt project plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. By leveraging a bug in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142) it is possible to perform a remote code execution (RCE) attack in Apache OFBiz, release 18.12.05 and earlier."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-26T10:22:24.123Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/bvp3sczqq863lxr1wh7wjvdtjbkcwspq"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/7"
},
{
"name": "[oss-security] 20220903 Re: Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/03/1"
},
{
"name": "[oss-security] 20220908 Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/08/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauth Path Traversal with file corruption affecting the Birt plugin of Apache OFBiz",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-25371",
"STATE": "PUBLIC",
"TITLE": "Unauth Path Traversal with file corruption affecting the Birt plugin of Apache OFBiz"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OFBiz",
"version_value": "18.12.05"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Nikita Podotykin from Positive Technologies \u003cnpodotykin@ptsecurity.com\u003e"
},
{
"lang": "eng",
"value": "Positive Technologies zeroday \u003czeroday@ptsecurity.com\u003e"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache OFBiz uses the Birt project plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. By leveraging a bug in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142) it is possible to perform a remote code execution (RCE) attack in Apache OFBiz, release 18.12.05 and earlier."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/bvp3sczqq863lxr1wh7wjvdtjbkcwspq",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/bvp3sczqq863lxr1wh7wjvdtjbkcwspq"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/7"
},
{
"name": "[oss-security] 20220903 Re: Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/03/1"
},
{
"name": "[oss-security] 20220908 Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/08/2"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-25371",
"datePublished": "2022-09-02T07:10:17",
"dateReserved": "2022-02-20T00:00:00",
"dateUpdated": "2024-11-20T15:11:11.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-29158
Vulnerability from cvelistv5
Published
2022-09-02 07:10
Modified
2024-08-03 06:10
Severity ?
EPSS score ?
Summary
Regular Expression Denial of Service (ReDoS) vulnerability in Apache OFBiz
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/7k92rg1o4ql2yw3o0vttkcl2jhq7j928 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2022/09/02/5 | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:10:59.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/7k92rg1o4ql2yw3o0vttkcl2jhq7j928"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Regular Expression Denial of Service (ReDoS) (CVE-2022-29158)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "18.12.05",
"status": "affected",
"version": "Apache OFBiz",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tony Torralba and Joseph Farebrother from the GitHub CodeQL team."
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service (ReDoS) in the way it handles URLs provided by external, unauthenticated users. Upgrade to 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12599"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333: Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-02T11:06:12",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/7k92rg1o4ql2yw3o0vttkcl2jhq7j928"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Regular Expression Denial of Service (ReDoS) (CVE-2022-29158)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Regular Expression Denial of Service (ReDoS) vulnerability in Apache OFBiz",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-29158",
"STATE": "PUBLIC",
"TITLE": "Regular Expression Denial of Service (ReDoS) vulnerability in Apache OFBiz"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OFBiz",
"version_value": "18.12.05"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Tony Torralba and Joseph Farebrother from the GitHub CodeQL team."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service (ReDoS) in the way it handles URLs provided by external, unauthenticated users. Upgrade to 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12599"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1333: Inefficient Regular Expression Complexity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/7k92rg1o4ql2yw3o0vttkcl2jhq7j928",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/7k92rg1o4ql2yw3o0vttkcl2jhq7j928"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Regular Expression Denial of Service (ReDoS) (CVE-2022-29158)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/5"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-29158",
"datePublished": "2022-09-02T07:10:20",
"dateReserved": "2022-04-13T00:00:00",
"dateUpdated": "2024-08-03T06:10:59.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-29200
Vulnerability from cvelistv5
Published
2021-04-27 19:50
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:50.505Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[oss-security] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/27/4"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12216) Fixed UtilObject class [CVE-2021-29200]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r708351f1a8af7adb887cc3d8a92bed8fcbff4a9e495e69a9ee546fda%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-user] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097%40%3Cuser.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210427 [ofbiz-site] branch master updated: Updates security page for CVE-2021-29200 and 30128 fixed in 17.12.07",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[announce] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097%40%3Cannounce.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210811 [ofbiz-site] branch master updated: Updates security page for CVE-2021-37608 fixed in 17.12.08",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d%40%3Ccommits.ofbiz.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "17.12.07",
"status": "affected",
"version": "Apache OFBiz",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Apache OFBiz would like to thank the first report from \"r00t4dm at Cloud-Penetrating Arrow Lab, asd of MoyunSec V-Lab \u003croot@thiscode.cc\u003e and \u8d56\u6db5 \u003c1044309102@qq.com\u003e a bit later"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Java serialisation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-11T19:06:07",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[oss-security] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/27/4"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12216) Fixed UtilObject class [CVE-2021-29200]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r708351f1a8af7adb887cc3d8a92bed8fcbff4a9e495e69a9ee546fda%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-user] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097%40%3Cuser.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210427 [ofbiz-site] branch master updated: Updates security page for CVE-2021-29200 and 30128 fixed in 17.12.07",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[announce] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097%40%3Cannounce.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210811 [ofbiz-site] branch master updated: Updates security page for CVE-2021-37608 fixed in 17.12.08",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d%40%3Ccommits.ofbiz.apache.org%3E"
}
],
"source": {
"advisory": "OFBIZ-12216",
"defect": [
"OFBIZ-12216"
],
"discovery": "UNKNOWN"
},
"title": "RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"workarounds": [
{
"lang": "en",
"value": "Upgrade to at least 17.12.07\nor apply one of the patches at https://issues.apache.org/jira/browse/OFBIZ-12216\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Java serialisation using RMI",
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-29200",
"STATE": "PUBLIC",
"TITLE": "RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Apache OFBiz",
"version_value": "17.12.07"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Apache OFBiz would like to thank the first report from \"r00t4dm at Cloud-Penetrating Arrow Lab, asd of MoyunSec V-Lab \u003croot@thiscode.cc\u003e and \u8d56\u6db5 \u003c1044309102@qq.com\u003e a bit later"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Java serialisation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097%40%3Cdev.ofbiz.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[oss-security] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/04/27/4"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12216) Fixed UtilObject class [CVE-2021-29200]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r708351f1a8af7adb887cc3d8a92bed8fcbff4a9e495e69a9ee546fda@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-user] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097@%3Cuser.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097@%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210427 [ofbiz-site] branch master updated: Updates security page for CVE-2021-29200 and 30128 fixed in 17.12.07",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d@%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[announce] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re21d25d9fb89e36cea910633779c23f144b9b60596b113b7bf1e8097@%3Cannounce.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210811 [ofbiz-site] branch master updated: Updates security page for CVE-2021-37608 fixed in 17.12.08",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d@%3Ccommits.ofbiz.apache.org%3E"
}
]
},
"source": {
"advisory": "OFBIZ-12216",
"defect": [
"OFBIZ-12216"
],
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Upgrade to at least 17.12.07\nor apply one of the patches at https://issues.apache.org/jira/browse/OFBIZ-12216\n"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-29200",
"datePublished": "2021-04-27T19:50:13",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:50.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25813
Vulnerability from cvelistv5
Published
2022-09-02 07:10
Modified
2024-08-03 04:49
Severity ?
EPSS score ?
Summary
Server-Side Template Injection affecting the ecommerce plugin of Apache OFBiz
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/vmj5s0qb59t0lvzf3vol3z1sc3sgyb2b | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2022/09/02/4 | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:43.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/vmj5s0qb59t0lvzf3vol3z1sc3sgyb2b"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Server-Side Template Injection (CVE-2022-25813)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "18.12.05",
"status": "affected",
"version": "Apache OFBiz",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": " Matei \"Mal\" Badanoiu"
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message \u201cSubject\u201d field from the \"Contact us\" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible."
}
],
"metrics": [
{
"other": {
"content": {
"other": "High"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-02T11:06:16",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/vmj5s0qb59t0lvzf3vol3z1sc3sgyb2b"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Server-Side Template Injection (CVE-2022-25813)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Server-Side Template Injection affecting the ecommerce plugin of Apache OFBiz",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-25813",
"STATE": "PUBLIC",
"TITLE": "Server-Side Template Injection affecting the ecommerce plugin of Apache OFBiz"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OFBiz",
"version_value": "18.12.05"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": " Matei \"Mal\" Badanoiu"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message \u201cSubject\u201d field from the \"Contact us\" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "High"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/vmj5s0qb59t0lvzf3vol3z1sc3sgyb2b",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/vmj5s0qb59t0lvzf3vol3z1sc3sgyb2b"
},
{
"name": "[oss-security] 20220902 Apache OFBiz - Server-Side Template Injection (CVE-2022-25813)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/02/4"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-25813",
"datePublished": "2022-09-02T07:10:18",
"dateReserved": "2022-02-23T00:00:00",
"dateUpdated": "2024-08-03T04:49:43.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46819
Vulnerability from cvelistv5
Published
2023-11-07 11:02
Modified
2024-09-04 19:09
Severity ?
EPSS score ?
Summary
Apache OFBiz: Execution of Solr plugin queries without authentication
References
| ▼ | URL | Tags |
|---|---|---|
| https://ofbiz.apache.org/download.html | mitigation | |
| https://ofbiz.apache.org/security.html | related | |
| https://ofbiz.apache.org/release-notes-18.12.09.html | release-notes | |
| https://lists.apache.org/thread/mm5j0rsbl22q7yb0nmb6h2swbfjbwv99 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"mitigation",
"x_transferred"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.09.html"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/mm5j0rsbl22q7yb0nmb6h2swbfjbwv99"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-46819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T19:08:46.622717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T19:09:30.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.09",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Anonymous by demand"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin.\u003cbr\u003e\u003cp\u003eThis issue affects Apache OFBiz: before 18.12.09.\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers are recommended to upgrade to version 18.12.09\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin.\nThis issue affects Apache OFBiz: before 18.12.09.\u00a0\n\nUsers are recommended to upgrade to version 18.12.09\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T08:04:39.492Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"mitigation"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"release-notes"
],
"url": "https://ofbiz.apache.org/release-notes-18.12.09.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/mm5j0rsbl22q7yb0nmb6h2swbfjbwv99"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: Execution of Solr plugin queries without authentication",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-46819",
"datePublished": "2023-11-07T11:02:03.305Z",
"dateReserved": "2023-10-27T07:20:50.849Z",
"dateUpdated": "2024-09-04T19:09:30.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15714
Vulnerability from cvelistv5
Published
2018-01-04 15:00
Modified
2024-09-16 22:31
Severity ?
EPSS score ?
Summary
The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code through the URL. For example by appending this code "__format=%27;alert(%27xss%27)" to the URL an alert window would execute.
References
| ▼ | URL | Tags |
|---|---|---|
| https://s.apache.org/UO3W | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:04:49.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[user] 20180103 [SECURITY] CVE-2017-15714 Apache OFBiz BIRT code vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://s.apache.org/UO3W"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "16.11.01 to 16.11.03"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code through the URL. For example by appending this code \"__format=%27;alert(%27xss%27)\" to the URL an alert window would execute."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T14:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[user] 20180103 [SECURITY] CVE-2017-15714 Apache OFBiz BIRT code vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://s.apache.org/UO3W"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2018-01-03T00:00:00",
"ID": "CVE-2017-15714",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_value": "16.11.01 to 16.11.03"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code through the URL. For example by appending this code \"__format=%27;alert(%27xss%27)\" to the URL an alert window would execute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[user] 20180103 [SECURITY] CVE-2017-15714 Apache OFBiz BIRT code vulnerability",
"refsource": "MLIST",
"url": "https://s.apache.org/UO3W"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-15714",
"datePublished": "2018-01-04T15:00:00Z",
"dateReserved": "2017-10-21T00:00:00",
"dateUpdated": "2024-09-16T22:31:04.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-26295
Vulnerability from cvelistv5
Published
2021-03-22 12:00
Modified
2024-08-03 20:19
Severity ?
EPSS score ?
Summary
RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:20.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3c1802eaf34aa78a61b4e8e044c214bc94accbd28a11f3a276586a31%40%3Cuser.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210324 [jira] [Commented] (OFBIZ-12167) Adds a blacklist (to be renamed soon to denylist) in Java serialisation (CVE-2021-26295)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6e4579c4ebf7efeb462962e359501c6ca4045687f12212551df2d607%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210325 Comment out the SOAP and HTTP engines?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0d97a3b7a14777b9e9e085b483629d2774343c4723236d1c73f43ff0%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210325 Re: Comment out the SOAP and HTTP engines?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/reccf8c8a58337ce7c035495d3d82fbc549e97036a9789a2a7d9cccf6%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210329 Re: Comment out the SOAP and HTTP engines?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rec5e9fdcdca13099cfb29f632333f44ad1dd60d90f67b90434e4467a%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210329 [jira] [Commented] (OFBIZ-12167) Adds a blacklist (to be renamed soon to denylist) in Java serialisation (CVE-2021-26295)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc9bd0d3d794dc370bc70585960841868cb29b92dcc80552b84ca2599%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210329 [jira] [Commented] (OFBIZ-6942) Comment out RMI related code because of the Java deserialization issue [CVE-2016-2170]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3ee005dd767cd83f522719423f5e7dd316f168ddbd1dc51a13d4e244%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162104/Apache-OFBiz-SOAP-Java-Deserialization.html"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbe512e5ccd6b11169c6379daa1234bc805f3d53c5a38224e956295ce%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210427 [ofbiz-site] branch master updated: Updates security page for CVE-2021-29200 and 30128 fixed in 17.12.07",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210605 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rab718cfe6468085d7560c0c1ae816841e175886199f42e36efb8d735%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210729 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r078351a876ed284ba667b33aba29428d7308a5bd4df78f14a3df6661%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210811 [ofbiz-site] branch master updated: Updates security page for CVE-2021-37608 fixed in 17.12.08",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d%40%3Ccommits.ofbiz.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache OFBiz 17.12.01 to 17.12.05"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Apache OFBiz would like to thank the first report from \"r00t4dm at Cloud-Penetrating Arrow Lab and Longofo at Knownsec 404 Team\" and the second report by MagicZero from SGLAB of Legendsec at Qi\u0027anxin Group."
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Java serialisation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-11T19:06:12",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/r3c1802eaf34aa78a61b4e8e044c214bc94accbd28a11f3a276586a31%40%3Cuser.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210324 [jira] [Commented] (OFBIZ-12167) Adds a blacklist (to be renamed soon to denylist) in Java serialisation (CVE-2021-26295)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6e4579c4ebf7efeb462962e359501c6ca4045687f12212551df2d607%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210325 Comment out the SOAP and HTTP engines?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0d97a3b7a14777b9e9e085b483629d2774343c4723236d1c73f43ff0%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210325 Re: Comment out the SOAP and HTTP engines?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/reccf8c8a58337ce7c035495d3d82fbc549e97036a9789a2a7d9cccf6%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210329 Re: Comment out the SOAP and HTTP engines?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rec5e9fdcdca13099cfb29f632333f44ad1dd60d90f67b90434e4467a%40%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210329 [jira] [Commented] (OFBIZ-12167) Adds a blacklist (to be renamed soon to denylist) in Java serialisation (CVE-2021-26295)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc9bd0d3d794dc370bc70585960841868cb29b92dcc80552b84ca2599%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210329 [jira] [Commented] (OFBIZ-6942) Comment out RMI related code because of the Java deserialization issue [CVE-2016-2170]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3ee005dd767cd83f522719423f5e7dd316f168ddbd1dc51a13d4e244%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162104/Apache-OFBiz-SOAP-Java-Deserialization.html"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rbe512e5ccd6b11169c6379daa1234bc805f3d53c5a38224e956295ce%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210427 [ofbiz-site] branch master updated: Updates security page for CVE-2021-29200 and 30128 fixed in 17.12.07",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d%40%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210605 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rab718cfe6468085d7560c0c1ae816841e175886199f42e36efb8d735%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210729 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r078351a876ed284ba667b33aba29428d7308a5bd4df78f14a3df6661%40%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210811 [ofbiz-site] branch master updated: Updates security page for CVE-2021-37608 fixed in 17.12.08",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d%40%3Ccommits.ofbiz.apache.org%3E"
}
],
"source": {
"advisory": "OFBIZ-12167",
"defect": [
"OFBIZ-12167"
],
"discovery": "UNKNOWN"
},
"title": "RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI",
"workarounds": [
{
"lang": "en",
"value": "Upgrade to at least 17.12.06 or apply the patch at https://github.com/apache/ofbiz-framework/commit/af9ed4e/\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Java serialisation",
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-26295",
"STATE": "PUBLIC",
"TITLE": "RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OFBiz",
"version": {
"version_data": [
{
"version_name": "Apache OFBiz",
"version_value": "17.12.01 to 17.12.05"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Apache OFBiz would like to thank the first report from \"r00t4dm at Cloud-Penetrating Arrow Lab and Longofo at Knownsec 404 Team\" and the second report by MagicZero from SGLAB of Legendsec at Qi\u0027anxin Group."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Java serialisation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/r3c1802eaf34aa78a61b4e8e044c214bc94accbd28a11f3a276586a31%40%3Cuser.ofbiz.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r3c1802eaf34aa78a61b4e8e044c214bc94accbd28a11f3a276586a31%40%3Cuser.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210324 [jira] [Commented] (OFBIZ-12167) Adds a blacklist (to be renamed soon to denylist) in Java serialisation (CVE-2021-26295)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6e4579c4ebf7efeb462962e359501c6ca4045687f12212551df2d607@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210325 Comment out the SOAP and HTTP engines?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0d97a3b7a14777b9e9e085b483629d2774343c4723236d1c73f43ff0@%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210325 Re: Comment out the SOAP and HTTP engines?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/reccf8c8a58337ce7c035495d3d82fbc549e97036a9789a2a7d9cccf6@%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-dev] 20210329 Re: Comment out the SOAP and HTTP engines?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rec5e9fdcdca13099cfb29f632333f44ad1dd60d90f67b90434e4467a@%3Cdev.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210329 [jira] [Commented] (OFBIZ-12167) Adds a blacklist (to be renamed soon to denylist) in Java serialisation (CVE-2021-26295)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc9bd0d3d794dc370bc70585960841868cb29b92dcc80552b84ca2599@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210329 [jira] [Commented] (OFBIZ-6942) Comment out RMI related code because of the Java deserialization issue [CVE-2016-2170]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3ee005dd767cd83f522719423f5e7dd316f168ddbd1dc51a13d4e244@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "http://packetstormsecurity.com/files/162104/Apache-OFBiz-SOAP-Java-Deserialization.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162104/Apache-OFBiz-SOAP-Java-Deserialization.html"
},
{
"name": "[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rbe512e5ccd6b11169c6379daa1234bc805f3d53c5a38224e956295ce@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210427 [ofbiz-site] branch master updated: Updates security page for CVE-2021-29200 and 30128 fixed in 17.12.07",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d@%3Ccommits.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210605 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rab718cfe6468085d7560c0c1ae816841e175886199f42e36efb8d735@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-notifications] 20210729 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128]",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r078351a876ed284ba667b33aba29428d7308a5bd4df78f14a3df6661@%3Cnotifications.ofbiz.apache.org%3E"
},
{
"name": "[ofbiz-commits] 20210811 [ofbiz-site] branch master updated: Updates security page for CVE-2021-37608 fixed in 17.12.08",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d@%3Ccommits.ofbiz.apache.org%3E"
}
]
},
"source": {
"advisory": "OFBIZ-12167",
"defect": [
"OFBIZ-12167"
],
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Upgrade to at least 17.12.06 or apply the patch at https://github.com/apache/ofbiz-framework/commit/af9ed4e/\n"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-26295",
"datePublished": "2021-03-22T12:00:18",
"dateReserved": "2021-01-28T00:00:00",
"dateUpdated": "2024-08-03T20:19:20.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38856
Vulnerability from cvelistv5
Published
2024-08-05 08:20
Modified
2024-08-31 03:55
Severity ?
EPSS score ?
Summary
Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code
References
| ▼ | URL | Tags |
|---|---|---|
| https://ofbiz.apache.org/download.html | product, mitigation | |
| https://ofbiz.apache.org/security.html | related | |
| https://lists.apache.org/thread/olxxjk6b13sl3wh9cmp0k2dscvp24l7w | vendor-advisory | |
| https://issues.apache.org/jira/browse/OFBIZ-13128 | issue-tracking |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache Software Foundation | Apache OFBiz |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:02:45.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/08/04/1"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "ofbiz",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "18.12.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-38856",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-08-27",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-31T03:55:27.251Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-08-27T00:00:00+00:00",
"value": "CVE-2024-38856 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "18.12.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "unam4"
},
{
"lang": "en",
"type": "finder",
"value": "ruozhi"
},
{
"lang": "en",
"type": "finder",
"value": "m1sn0w"
},
{
"lang": "en",
"type": "finder",
"value": "kuiplatain"
},
{
"lang": "en",
"type": "finder",
"value": "PaperPen@Timeline Sec"
},
{
"lang": "en",
"type": "finder",
"value": "RacerZ"
},
{
"lang": "en",
"type": "finder",
"value": "e0mlja"
},
{
"lang": "en",
"type": "finder",
"value": "Donghyun"
},
{
"lang": "en",
"type": "finder",
"value": "4ra1n"
},
{
"lang": "en",
"type": "finder",
"value": "godspeed"
},
{
"lang": "en",
"type": "finder",
"value": "Hasib Vhora"
},
{
"lang": "en",
"type": "finder",
"value": "pwnull"
},
{
"lang": "en",
"type": "finder",
"value": "blckder02-YHLab"
},
{
"lang": "en",
"type": "finder",
"value": "Xenc from SGLAB of Legendsec at Qi\u0027anxin Group"
},
{
"lang": "en",
"type": "finder",
"value": "Nicholas Zubrisky."
},
{
"lang": "en",
"type": "finder",
"value": "Y4tacker"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIncorrect Authorization vulnerability in Apache OFBiz.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OFBiz: through 18.12.14.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 18.12.15, which fixes the issue.\u003c/p\u003eUnauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don\u0027t explicitly check user\u0027s permissions because they rely on the configuration of their endpoints).\u003cbr\u003e"
}
],
"value": "Incorrect Authorization vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: through 18.12.14.\n\nUsers are recommended to upgrade to version 18.12.15, which fixes the issue.\n\nUnauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don\u0027t explicitly check user\u0027s permissions because they rely on the configuration of their endpoints)."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T08:20:18.081Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"product",
"mitigation"
],
"url": "https://ofbiz.apache.org/download.html"
},
{
"tags": [
"related"
],
"url": "https://ofbiz.apache.org/security.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/olxxjk6b13sl3wh9cmp0k2dscvp24l7w"
},
{
"tags": [
"issue-tracking"
],
"url": "https://issues.apache.org/jira/browse/OFBIZ-13128"
}
],
"source": {
"defect": [
"OFBIZ-13128"
],
"discovery": "EXTERNAL"
},
"title": "Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-38856",
"datePublished": "2024-08-05T08:20:18.081Z",
"dateReserved": "2024-06-20T07:28:36.680Z",
"dateUpdated": "2024-08-31T03:55:27.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}