A new vulnerability has been discovered in Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system.
Apache OfBiz is used as a part of the software supply chain in Atlassian’s JIRA, which is predominantly used in several organizations. This vulnerability was a bypass to a previously discovered vulnerability, CVE-2023-49070.
Since the root issue of CVE-2023-49070 was left open, a bypass has been discovered as a workaround for the patch. This new vulnerability has been assigned with CVE-2023-51467, and the severity has been given as 9.8 ( Critical ).
Apache OfBiz Zero-Day
CVE-2023-49070 was a pre-auth RCE vulnerability due to the presence of XML-RPC, which is no longer maintained. However, the released patch was only with removing XML RPC code from the application, which was open for an authentication bypass.
Test Cases
There were two test cases for exploiting this vulnerability—the first one involved including the requirePasswordChange=Y in the URI with empty USERNAME and PASSWORD parameters.
Due to the misconfiguration of the login condition block, the application resulted in the checkLogin function returning with a “success,” leading to the authentication bypass.
#CVE -2023-49070 Pre-auth RCE Apache Ofbiz 18.12.09 #POC : /webtools/control/xmlrpc;/?USERNAME=&PASSWORD=s&requirePasswordChange=Y Ref: https://t.co/NSgI7IQckp cc to me. pic.twitter.com/SHOkhzlH09 — Siebene@ (@Siebene7) December 5, 2023 The second test case was similar to the first one, with slightly changing parameters. The USERNAME and PASSWORD parameters are submitted with invalid values.
However, the checkLogin function flow did not enter into the conditional block, which resulted in the authentication being bypassed.
#CVE -2023-49070 Apache Ofbiz XML-RPC #RCE Affected Versions: < 18.12.10 pic.twitter.com/9QfiCty04f — M4rtin Hsu (@_0xf4n9x_) December 6, 2023 This vulnerability has a publicly available exploit, which penetration testers and security engineers can use to test if the vulnerability exists on their application.
Furthermore, a complete report about this vulnerability has been published by SonicWall, providing detailed information about the code analysis, exploitation, and other information.
Apache OfBiz has fixed this vulnerability in version 18.12.11 and newer. Users of Apache OfBiz are recommended to upgrade to the latest version of this software to prevent this vulnerability from getting exploited by threat actors.
The post Critical Apache OfBiz Zero-Day Let Attackers Bypass Authentication appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform .
Top News
-
U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain
Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a...
-
Lừa đảo mạo danh ‘nở rộ’ trên không gian mạng và ngày càng tinh vi
Dù hình thức không mới song lừa đảo mạo danh hiện vẫn đang khiến nhiều người dân tại Việt Nam và trên thế giới sập bẫy, bị chiếm đoạt tài sản.
-
Lừa đảo đánh cắp mã OTP tinh vi, tấn công mạng tận dụng lỗ hổng mới
Xuất hiện lừa đảo đánh cắp mã OTP tinh vi; Hacker gia tăng tốc độ tận dụng các lỗ hổng mới,... là những thông tin công nghệ trong nước nổi bật...
-
Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users
Hackers are targeting, attacking, and exploiting ML models. They want to hack into these systems to steal sensitive data, interrupt services, or...
-
Sleepy Pickle - Kỹ thuật tấn công mới nhắm vào các mô hình học máy
Sleepy Pickle là một kỹ thuật tấn công mới lạ và bí mật nhắm vào chính mô hình ML (Machine Learning) thay vì hệ thống cơ bản. {...