CVE-2021-4024

Vulnerability updated 5 months ago (2024-05-04T18:35:01.883Z)
CVE-2021-4024 is a vulnerability in the Apache OFBiz project, an open-source enterprise resource planning system. The flaw can allow an attacker to execute arbitrary code or commands on the affected system, potentially leading to data theft or system compromise. It arises from insufficient input validation in the "findPartyFromEmailAddress" function of the UserLoginServices component.

The vulnerability was first discovered on January 7th, 2021, and was given a Common Vulnerability Scoring System (CVSS) score of 8.3 out of 10, indicating high severity. A patch addressing the issue was released on February 5th, 2021. The vulnerability may still be present in systems that have not applied the patch.

Users of the Apache OFBiz project should ensure that they have applied the latest available patches to their systems and closely monitor for any suspicious activity. They should also review their security policies and practices to ensure they are following best practices for securing their systems against vulnerabilities like CVE-2021-4024.
Description last updated: 2023-06-23T20:16:02.319Z
Aliases: We are not currently tracking any aliases.
Source Document References
Information about the CVE-2021-4024 Vulnerability was read from the documents corpus below.
Source: CERT-EU (created 2 years ago)