all InfoSec news
Critical Apache OFBiz Zero-day Flaw Exploited in the Wild
Cyber Security News cybersecuritynews.com
Researchers uncovered a critical authentication bypass zero-day flaw tracked as CVE-2023-51467, with a CVSS score of 9.8 affecting Apache OFBiz’s open-source enterprise resource planning (ERP) system. The vulnerability allows attackers to bypass simple Server-Side Request Forgery (SSRF) authentication. The pre-authenticated RCE vulnerability tracked as CVE-2023-49070 leads to the zero-day SSRF vulnerability CVE-2023-51467 in Apache OFBiz due […]
The post Critical Apache OFBiz Zero-day Flaw Exploited in the Wild appeared first on Cyber Security News.
apache apache ofbiz apache ofbiz zero-day attackers authentication authentication bypass bypass critical cve cvss cvss score enterprise erp exploited flaw forgery ofbiz planning rce request researchers resource score server server-side request forgery simple ssrf system uncovered vulnerability zero-day zero-day flaw