Lucene search
+L

28 matches found

OSV
OSV
added 2022/09/02 7:15 a.m.6 views

CVE-2022-29063

The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run...

9.8CVSS5.9AI score0.03716EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/09/02 7:15 a.m.3 views

CVE-2022-29063

The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run...

9.8CVSS7.3AI score0.03716EPSS
Exploits0References3
Prion
Prion
added 2022/09/02 7:15 a.m.26 views

Design/Logic Flaw

The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run...

7.5CVSS9.4AI score0.03716EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/09/02 7:10 a.m.73 views

CVE-2022-29063

CVE-2022-29063 affects the Solr plugin in Apache OFBiz. By default it issues a RMI request to localhost:1099; versions 18.12.05 and earlier are vulnerable if an attacker runs a malicious RMI server on localhost, allowing arbitrary code execution at server start-up or on restart. A fix is availabl...

9.8CVSS9.6AI score0.03716EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/02 7:10 a.m.29 views

CVE-2022-29063 Java Deserialization via RMI Connection from the Solr plugin of Apache OFBiz

The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run...

9.6AI score0.03716EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/02 12:0 a.m.6 views

Apache OFBiz 代码问题漏洞

Apache OFBiz is an enterprise resource planning ERP system from the Apache Foundation. A code issue vulnerability exists in Apache OFBiz Solr plugin 18.12.05 and earlier, which stems from the default configuration of automatically issuing RMI requests on port 1099 on localhost, which can be...

9.8CVSS7.3AI score0.03716EPSS
Exploits0References3
CNVD
CNVD
added 2022/09/02 12:0 a.m.37 views

Apache OFBiz Code Issue Vulnerability (CNVD-2023-03920)

Apache OFBiz is an enterprise resource planning ERP system from the Apache Foundation. A code issue vulnerability exists in Apache OFBiz Solr plugin 18.12.05 and earlier, which stems from the default configuration of automatically issuing RMI requests on port 1099 on localhost, which can be...

9.8CVSS1.8AI score0.03716EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/02 12:0 a.m.8 views

PT-2022-19398 · Apache · Apache Ofbiz

Name of the Vulnerable Software and Affected Versions: Apache OFBiz versions prior to 18.12.06 Description: The Solr plugin of Apache OFBiz is configured to automatically make a RMI request on localhost, port 1099 by default. In affected versions, an attacker may exploit this behavior by hosting ...

9.8CVSS9.6AI score0.03716EPSS
Exploits0References3
Rows per page
Query Builder