all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A Vulnerability in Apache OFBiz Could Allow for Remote Code Execution

Add to bookmarks
Feb. 23, 2024, 12:48 p.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability has been discovered in the Apache OFBiz, which could allow for remote code execution. Apache OFBiz is an open source product for the automation of enterprise processes. It includes framework components and business applications for ERP, CRM, E-Business/E-Commerce, Supply Chain Management and Manufacturing Resource Planning. Successful exploitation could allow for remote code execution in the context of the Server. Depending on the privileges associated with the logged on user, an attacker could then install programs; view, change, or …

apache apache ofbiz applications automation business business applications code code execution commerce components crm e-commerce enterprise erp exploitation framework management manufacturing ofbiz open source planning processes product remote code remote code execution resource supply supply chain supply chain management vulnerability

Visit resource

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 1 day, 14 hours ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 1 week ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Oracle Quarterly Critical Patches Issued April 16, 2024 2 weeks ago | www.cisecurity.org
april code code execution critical +7
Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Remote Code Execution 2 weeks ago | www.cisecurity.org
authentication avalanche code code execution +23
Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution 2 weeks, 1 day ago | www.cisecurity.org
attacker chrome code code execution +9
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2 weeks, 1 day ago | www.cisecurity.org
access arbitrary code arbitrary code execution browser +17
A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution 2 weeks, 5 days ago | www.cisecurity.org
alto arbitrary code arbitrary code execution code +16
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 3 weeks ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 3 weeks, 1 day ago | www.cisecurity.org
adobe adobe after effects adobe commerce after effects +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs