Lucene search
ApacheCVELIST:CVE-2022-47501HistoryApr 14, 2023 - 3:01 p.m.
CVE-2022-47501 Apache OFBiz: Arbitrary file reading vulnerability
2023-04-1415:01:31
CWE-22
apache
www.cve.org
6
apache ofbiz
file reading
vulnerability
pre-authentication
18.12.07
EPSS
0.071
Percentile
94.1%
Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a
pre-authentication attack.
This issue affects Apache OFBiz: before 18.12.07.
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.07",
"status": "affected",
"version": "18.12.06",
"versionType": "custom"
}
]
}
]References
www.openwall.com/lists/oss-security/2023/04/18/5
www.openwall.com/lists/oss-security/2023/04/18/9
www.openwall.com/lists/oss-security/2023/04/19/1
www.openwall.com/lists/oss-security/2023/04/19/6
lists.apache.org/thread/k8s76l0whydy45bfm4b69vq0mf94p3wc
ofbiz.apache.org/download.html
ofbiz.apache.org/security.html
Related
prion
prion
Design/Logic Flaw
2023-04-14 16:15:00
cve
cve
CVE-2022-47501
2023-04-14 16:15:07
cnvd
cnvd
Apache OFBiz Path Traversal Vulnerability
2023-04-18 00:00:00
nuclei
nuclei
Apache OFBiz < 18.12.07 - Local File Inclusion
2024-01-12 02:46:39
nvd
nvd
CVE-2022-47501
2023-04-14 16:15:07