CVE-2023-51467 Apache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability

🗓️ 26 Dec 2023 14:46:59Reported by apacheType

CVE-2023-51467 Apache OFBiz pre-authentication RCE vulnerabilit

Reporter	Title	Published	Views	Family All 36
GithubExploit	Exploit for Code Injection in Apache Ofbiz	2 Jan 202414:20	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Ofbiz	17 Jan 202407:31	–	githubexploit
GithubExploit	Exploit for Server-Side Request Forgery in Apache Ofbiz	29 Dec 202317:47	–	githubexploit
GithubExploit	Exploit for Server-Side Request Forgery in Apache Ofbiz	29 Dec 202302:25	–	githubexploit
GithubExploit	Exploit for Server-Side Request Forgery in Apache Ofbiz	9 Jan 202416:58	–	githubexploit
GithubExploit	Exploit for Server-Side Request Forgery in Apache Ofbiz	6 Jan 202404:07	–	githubexploit
GithubExploit	Exploit for Server-Side Request Forgery in Apache Ofbiz	13 Jan 202405:40	–	githubexploit
GithubExploit	Exploit for Server-Side Request Forgery in Apache Ofbiz	29 Dec 202315:01	–	githubexploit
GithubExploit	Exploit for Server-Side Request Forgery in Apache Ofbiz	13 Jan 202405:40	–	githubexploit
GithubExploit	Exploit for Code Injection in Apache Ofbiz	8 Jan 202403:13	–	githubexploit

[
  {
    "defaultStatus": "unaffected",
    "product": "Apache OFBiz",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "18.12.11",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
ofbiz	www.ofbiz.apache.org/security.html
ofbiz	www.ofbiz.apache.org/download.html
openwall	www.openwall.com/lists/oss-security/2023/12/26/3
ofbiz	www.ofbiz.apache.org/release-notes-18.12.11.html
lists	www.lists.apache.org/thread/9tmf9qyyhgh6m052rhz7lg9vxn390bdv
lists	www.lists.apache.org/thread/oj2s6objhdq72t6g29omqpcbd1wlp48o
issues	www.issues.apache.org/jira/browse/OFBIZ-12873

04 Jan 2024 09:02Current

9.9High risk

Vulners AI Score9.9

EPSS0.96001