CVE-2021-4024

Vulnerability Profile Updated 3 months ago
CVE-2021-4024 is a vulnerability that affects the Apache OFBiz project, an open-source enterprise resource planning system. The flaw can allow an attacker to execute arbitrary code or commands on the affected system, potentially leading to data theft or system compromise. It arises from insufficient input validation in the "findPartyFromEmailAddress" function of the UserLoginServices component.

The vulnerability was first discovered on January 7th, 2021, and was given a Common Vulnerability Scoring System (CVSS) score of 8.3 out of 10, indicating high severity. A patch addressing the issue was released on February 5th, 2021. Systems that have not applied the patch may still be vulnerable.

Users of the Apache OFBiz project should ensure that they have applied the latest available patches to their systems and monitor closely for suspicious activity. They should also review their security policies and practices to confirm that they follow best practices for securing their systems against vulnerabilities like CVE-2021-4024.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the CVE-2021-4024 vulnerability was read from the documents corpus below.
Source | Created At | Title
CERT-EU | a year ago | SUSE update for podman