CVE-2023-51467

Vulnerability updated 2 months ago (2024-11-29T14:18:07.933Z)
CVE-2023-51467 is a critical vulnerability in Apache OFBiz, rated 9.8 on the CVSS scale. This zero-day, disclosed on December 26, allows attackers to bypass authentication and inject malicious code into the system. The flaw exposes sensitive information and permits remote code execution against applications that use the ERP framework, significantly compromising the security of affected systems.

The vulnerability was identified and analyzed by cybersecurity firm SonicWall, which revealed its potential for severe exploitation. Cybercriminals could leverage the flaw to gain unauthorized access to sensitive data and manipulate system operations remotely, so it poses a significant risk to any organization running a vulnerable version of Apache OFBiz.

In response, Apache has released a patch that addresses this pre-authentication remote code execution vulnerability. Zscaler ThreatLabz strongly advises Apache OFBiz users to upgrade promptly to version 18.12.11, which contains the fixes that mitigate the vulnerability and protects systems from exploits associated with CVE-2023-51467.
Description last updated: 2024-03-17T13:16:18.207Z
Aliases
We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Apache
Sonicwall
Ofbiz
Vulnerability
Source Document References
Information about the CVE-2023-51467 vulnerability was read from the document corpus below. This display is limited to 20 results.
Source Link | CreatedAt
Securityaffairs | 6 months ago
Securityaffairs | 6 months ago
Securityaffairs | 6 months ago
Securityaffairs | 6 months ago
Securityaffairs | 6 months ago
Securityaffairs | 7 months ago
Securityaffairs | 7 months ago
Securityaffairs | 7 months ago
Securityaffairs | 7 months ago
Securityaffairs | 8 months ago
Securityaffairs | 8 months ago
Securityaffairs | 9 months ago
Securityaffairs | 9 months ago
Securityaffairs | 10 months ago
Securityaffairs | 10 months ago
Securityaffairs | 10 months ago
SANS ISC | 10 months ago
Securityaffairs | 10 months ago
Securityaffairs | a year ago
Securityaffairs | a year ago