Apache.OFBiz.CVE-2023-51467.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass vulnerability in Apache OFBiz.
This vulnerability is due to improper access control in the vulnerable application. An unauthenticated, remote attacker may be able to exploit this to bypass authentication checks via a crafted HTTP request. Successful exploitation could result in privilege escalation and code execution on the target system.
Affected Products
Apache OFBiz before 18.12.11
Impact
Security Bypass: Remote attackers can bypass security checks of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://ofbiz.apache.org/download.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2024-03-20 | 27.752 | Sig Added |
2024-02-07 | 26.729 | Default_action:pass:drop |
2024-01-10 | 26.712 |