December 28, 2023 at 11:21AM
Apache OFBiz, utilized for business operations, contains a critical pre-authentication remote code execution vulnerability, CVE-2023-49070, actively being exploited. A patch to resolve the issue was found incomplete, resulting in the discovered bypass flaw, CVE-2023-51467. The urgency for users to upgrade to version 18.12.11 is emphasized due to the risk of exploitation.
Key takeaways from the meeting notes are as follows:
1. A critical pre-authentication remote code execution (RCE) vulnerability, tracked as CVE-2023-49070, was actively exploited in Apache OFBiz.
2. The vulnerability allowed attackers to elevate their privileges without authentication, perform arbitrary code execution, and access sensitive information.
3. The initial fix for CVE-2023-49070 was incomplete, leaving the issue intact in a fully patched version of the software.
4. A new bypass issue, designated as CVE-2023-51467, was discovered, allowing attackers to exploit the flawed authentication logic.
5. The latest release, OFBiz version 18.12.11, addresses the new bypass issue and should be upgraded to minimize the risk of exploitation.
6. Threat monitoring services have reported scans leveraging public proof-of-concept exploits for CVE-2023-49070, with warnings of similar exploitation attempts for CVE-2023-51467.
7. Users of Apache OFBiz, particularly those using Confluence servers, are advised to upgrade to version 18.12.11 as soon as possible to minimize the risk.