all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical Apache OFBiz Zero-day Flaw Exploited in the Wild

Add to bookmarks
Jan. 10, 2024, 6:51 a.m. | Dhivya

Cyber Security News cybersecuritynews.com

Researchers uncovered a critical authentication bypass zero-day flaw tracked as CVE-2023-51467, with a CVSS score of 9.8 affecting Apache OFBiz’s open-source enterprise resource planning (ERP) system. The vulnerability allows attackers to bypass simple Server-Side Request Forgery (SSRF) authentication. The pre-authenticated RCE vulnerability tracked as CVE-2023-49070 leads to the zero-day SSRF vulnerability CVE-2023-51467 in Apache OFBiz due […]


The post Critical Apache OFBiz Zero-day Flaw Exploited in the Wild appeared first on Cyber Security News.

apache apache ofbiz apache ofbiz zero-day attackers authentication authentication bypass bypass critical cve cvss cvss score enterprise erp exploited flaw forgery ofbiz planning rce request researchers resource score server server-side request forgery simple ssrf system uncovered vulnerability zero-day zero-day flaw

Visit resource

More from cybersecuritynews.com / Cyber Security News

Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories) 27 minutes ago | cybersecuritynews.com
attacks breaches changing counter +19
ELLIO and ntop partnership to boost high-speed network traffic monitoring with real-time data on opportunistic … 1 day, 19 hours ago | cybersecuritynews.com
applications attacks botnets commercial +17
Windows-based AllaKore Malware Abuses Azure Cloud for C2 Infrastructure 1 day, 20 hours ago | cybersecuritynews.com
accounts azure azure cloud bank +27
Hackers Impersonating As Fake Toll Payment Processor Across The U.S. 1 day, 20 hours ago | cybersecuritynews.com
cyber security cybersecurity e-zpass e-zpass fraud +21
Hackers Compromised 600,000 SOHO Routers Within 72 Hours For Botnet 1 day, 20 hours ago | cybersecuritynews.com
72 hours attack attacks botnet +26
Telegram Know For Secure Messaging, Now Became A Tool For Cybercriminals 1 day, 22 hours ago | cybersecuritynews.com
abuse creators cybercriminals cyber security +12
Microsoft Observed Huge-Surge In Attacks Targeting Internet-Exposed OT Devices In WWS 2 days, 1 hour ago | cybersecuritynews.com
attacks cyberattacks cyberav3ngers cyber security +24
RedTail Cryptominer Exploiting Palo Alto Networks Firewall Zero-day Flaw 2 days, 6 hours ago | cybersecuritynews.com
alto arbitrary code attackers code +33
BBC Data Breach: Hackers Access Cloud-Based Storage Service 2 days, 6 hours ago | cybersecuritynews.com
access bbc breach cloud +25

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com