Actively Targeted Zero-day
FortiGuard Labs continues to observe attack attempts targeting the recent Apache OFBiz vulnerabilities (CVE-2024-38856 and CVE-2024-36104), which threat actors can exploit through maliciously crafted unauthorized requests, leading to remote code execution.
Common Vulnerabilities and Exposures
Background
Apache OFBiz is an open-source enterprise resource planning (ERP) system that provides business solutions to various industries. It includes tools to manage business operations such as customer relationships, order processing, human resource functions, and more. According to open sources, there are hundreds of companies worldwide that use Apache OFBiz.
CVE-2024-38856 is an Incorrect Authorization vulnerability, meaning that an unauthenticated user can access restricted functionality. This flaw was identified while analyzing the patch for CVE-2024-36104, which proved to be an incomplete fix.
CVE-2024-36104 is a Path Traversal vulnerability in Apache OFBiz that exposes endpoints to unauthenticated users, who could leverage it to achieve remote code execution via specially crafted requests.
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
FortiGuard Labs recommends that users of the Apache OFBiz application upgrade to version 18.12.15 or later to mitigate these security vulnerabilities (CVE-2024-38856 and CVE-2024-36104).
- August 27, 2024: CISA added the Apache OFBiz Incorrect Authorization Vulnerability (CVE-2024-38856) to its Known Exploited Vulnerabilities (KEV) catalog.
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- August 05, 2024: Researchers at SonicWall discovered the Apache OFBiz zero-day vulnerability CVE-2024-38856.
https://blog.sonicwall.com/en-us/2024/08/sonicwall-discovers-second-critical-apache-ofbiz-zero-day-vulnerability/
- June 03, 2024: CVE-2024-36104 was disclosed via oss-security.
https://www.openwall.com/lists/oss-security/2024/06/03/1
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
- IPS
- Web App Security
- IOC
- Outbreak Detection
- Threat Hunting
- Cloud Threat Detection
- Playbook
- Automated Response
- Assisted Response Services
- NOC/SOC Training
- End-User Training
- Attack Surface Hardening
- Attack Surface Monitoring (Inside & Outside)
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.
References
Sources of information relating to this outbreak and the affected vendor.