all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack

Add to bookmarks
Dec. 27, 2023, 3:39 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections.
The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplete patch for another critical vulnerability (CVE-2023-49070, CVSS score: 9.8) that was

apache attack authentication businesses bypass critical critical vulnerability cve enterprise erp exploited flaw login patch planning resource result security security flaw system vulnerability zero-day

Visit resource

More from thehackernews.com / The Hacker News

Expert-Led Webinar - Uncovering Latest DDoS Tactics and Learn How to Fight Back 17 hours ago | thehackernews.com
address attacks back business +22
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications 18 hours ago | thehackernews.com
abusing aim amp api +25
New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data 19 hours ago | thehackernews.com
address applications business corporate +15
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources 21 hours ago | thehackernews.com
advisory agency alert cybersecurity +22
Google Announces Passkeys Adopted by Over 400 Million Accounts 1 day ago | thehackernews.com
accounts easy fingerprint google +8
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks 1 day, 1 hour ago | thehackernews.com
address aruba aruba networks arubaos +34
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw 1 day, 16 hours ago | thehackernews.com
android android apps app applications +32
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million 1 day, 18 hours ago | thehackernews.com
attacks hacker national pay +10
When is One Vulnerability Scanner Not Enough? 1 day, 20 hours ago | thehackernews.com
antivirus antivirus software benefits concept +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Nestlé | St. Louis, MO, US, 63164
View on infosec-jobs.com

Cybersecurity Analyst

@ Dana Incorporated | Pune, MH, IN, 411057
View on infosec-jobs.com

Sr. Application Security Engineer

@ CyberCube | United States
View on infosec-jobs.com

Linux DevSecOps Administrator (Remote)

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Cyber Security Intern or Co-op

@ Langan | Parsippany, NJ, US, 07054-2172
View on infosec-jobs.com

Security Advocate - Application Security

@ Datadog | New York, USA, Remote
View on infosec-jobs.com
View more jobs