National Cyber Warfare Foundation (NCWF)

Apache OFBiz Arbitrary File Reading and Remote Code Execution Vulnerabilities (CVE-2023-50968 CVE-2023-51467) Alert
0 user ratings		2023-12-27 17:14:26
milo
Blue Team (CND)
 - archive -- 

Overview Recently, NSFOCUS CERT detected that Apache officially released a security announcement and fixed two high-risk vulnerabilities in Apache Ofbiz. CVE-2023-50968: Due to problems in Apache Software Foundation, unauthorized attackers can read files and carry out SSRF attacks when operating uri calls; CVE-2023-51467: Due to a privilege verification logic error in Apache Ofbiz, an attacker […]


The post Apache OFBiz Arbitrary File Reading and Remote Code Execution Vulnerabilities (CVE-2023-50968/CVE-2023-51467) Alert appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..


The post Apache OFBiz Arbitrary File Reading and Remote Code Execution Vulnerabilities (CVE-2023-50968/CVE-2023-51467) Alert appeared first on Security Boulevard.



NSFOCUS

Source: Security Boulevard
Source Link: https://securityboulevard.com/2023/12/apache-ofbiz-arbitrary-file-reading-and-remote-code-execution-vulnerabilities-cve-2023-50968-cve-2023-51467-alert/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.