Intrusion PreventionApache.OFBiz.CVE-2023-51467.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass vulnerability in Apache OFBiz.
This vulnerability is due to improper access control in the vulnerable application. An unauthenticated, remote attacker may be able to exploit this to bypass authentication checks via a crafted HTTP request. Successful exploitation could result in privilege escalation and code execution on the target system.
Affected Products
Apache OFBiz before 18.12.11
Impact
Security Bypass: Remote attackers can bypass security checks of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://ofbiz.apache.org/download.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-03-20 | 27.752 | Sig Added |
| 2024-02-07 | 26.729 | Default_action:pass:drop |
| 2024-01-10 | 26.712 |
| ID | 54549 |
| Created | Jan 08, 2024 |
| Updated | Mar 20, 2024 |
| Threat Signal | View Report |
| Risk |
|
| CVE ID | CVE-2023-51467 |
| Exploit Prediction Score | 65.36% |
| Default Action | drop |
| Active | |
| Affected OS | All |
| Affected App | Apache |