Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution

September 6, 2024 at 01:39AM

A high-severity vulnerability (CVE-2024-45195) in the Apache OFBiz ERP system allows unauthenticated remote code execution. The flaw, which affects all versions before 18.12.16, lets attackers execute arbitrary code and has been used to deploy the Mirai botnet malware. The latest patch also addresses a critical SSRF vulnerability (CVE-2024-45507).

Key takeaways from the article:

1. A high-severity vulnerability, tracked as CVE-2024-45195, has been addressed in the Apache OFBiz open-source ERP system, affecting all versions before 18.12.16. It could lead to unauthenticated remote code execution on Linux and Windows.

2. The vulnerability is a bypass for a sequence of issues, CVE-2024-32113, CVE-2024-36104, and CVE-2024-38856, which were addressed by the project maintainers over the past few months.

3. CVE-2024-32113 and CVE-2024-38856 have come under active exploitation in the wild, with the former leveraged to deploy the Mirai botnet malware.

4. The latest patch, version 18.12.16, also addresses a critical server-side request forgery (SSRF) vulnerability (CVE-2024-45507) that could lead to unauthorized access and system compromise.

5. It’s worth noting that the latest patch validates that the view to be rendered permits anonymous access when the user is unauthenticated, rather than performing authorization checks based solely on the target controller.

These are the main points from the article regarding the vulnerabilities and their mitigations in the Apache OFBiz ERP system.
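The last takeaway above describes the authorization change in the patch: authorize on the view that will actually be rendered, not only on the requested controller. The following is an added illustrative model, not Apache OFBiz's own code; the `View`/`Controller` types, the `VIEWS`/`CONTROLLERS` tables and the `requested_view` override are all assumed for illustration.

```python
# Added example: a simplified, hypothetical model of the authorization change
# described above. It is NOT Apache OFBiz code; names and structures are assumed.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class View:
    name: str
    allow_anonymous: bool  # does this view permit unauthenticated access?

@dataclass(frozen=True)
class Controller:
    name: str
    requires_auth: bool
    default_view: str

# Constructed sample configuration (hypothetical, not OFBiz's real controller map).
VIEWS = {
    "login": View("login", allow_anonymous=True),
    "admin_console": View("admin_console", allow_anonymous=False),
}
CONTROLLERS = {
    "login": Controller("login", requires_auth=False, default_view="login"),
    "admin": Controller("admin", requires_auth=True, default_view="admin_console"),
}

def resolve_view(controller: Controller, requested_view: Optional[str]) -> View:
    """The rendered view may differ from the controller's default; here a
    request-supplied override (assumed mechanism) selects it."""
    return VIEWS[requested_view or controller.default_view]

def authorize_by_controller_only(controller_name, requested_view, authenticated) -> bool:
    """Pre-fix behaviour (modelled): only the target controller is consulted."""
    controller = CONTROLLERS[controller_name]
    if controller.requires_auth and not authenticated:
        return False
    resolve_view(controller, requested_view)  # rendered without its own check
    return True

def authorize_controller_and_view(controller_name, requested_view, authenticated) -> bool:
    """Patched behaviour (modelled): an unauthenticated user is allowed only if
    the view that will actually be rendered permits anonymous access."""
    controller = CONTROLLERS[controller_name]
    if controller.requires_auth and not authenticated:
        return False
    view = resolve_view(controller, requested_view)
    if not authenticated and not view.allow_anonymous:
        return False
    return True
```

The difference is visible when an anonymous request reaches a public controller but ends up rendering a view that is not meant to be public: the controller-only check lets it through, the view-aware check denies it.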
