090502192 - Apache.OFBiz.Endpoints.Incorrect.Authorization.Code.Execution
Description
This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in Apache OFBiz.
The vulnerability is due to incorrect authorization when handling requests. A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted request to the vulnerable server. Successful exploitation could result in arbitrary code execution in the security context of the application.
Outbreak Alert
FortiGuard Labs continues to observe attack attempts targeting the recent Apache OFBiz vulnerabilities (CVE-2024-38856, CVE-2024-45195 and CVE-2024-36104), which threat actors can exploit through maliciously crafted unauthorized requests, leading to remote code execution.
Affected Products
Apache OFBiz versions prior to 18.12.15
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://issues.apache.org/jira/browse/OFBIZ-13128
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2024-08-30 | 0.00383 | New | |