On November 19, 2024, Sangfor FarSight Labs reported a Remote Code Execution (RCE) vulnerability in Apache OFBiz, affecting versions prior to 18.12.17. This vulnerability, identified as CVE-2024-47208, is not currently known to be actively exploited, nor is it listed by CISA. However, it is important to note that previous vulnerabilities in Apache OFBiz were actively exploited in August 2024, indicating the potential for future attacks if not patched in a timely manner.
| Product | OFBiz |
| Date | 2024-11-22 10:13:03 |
| Information |
|
Technical Summary
CVE-2024-47208 is a Remote Code Execution (RCE) vulnerability in Apache OFBiz. The vulnerability is caused by inadequate authorization checks that allow attackers to exploit a Server-Side Request Forgery (SSRF) flaw. By sending specially crafted requests, attackers can inject Groovy expressions that the server will execute, allowing them to gain control of the system. This could lead to unauthorized access, data theft, or further compromise of the breached system.
Recommendations
- Update Apache OFBiz to version 18.12.17 or later to patch the vulnerability.
- Verify system versions to ensure that affected versions are not in use.
- Restrict access to the Apache OFBiz system and implement monitoring solutions and Web Application Firewalls (WAF) to prevent exploitation.
[Callforaction-THREAT-Footer]
