CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46819 – Apache OFBiz: Execution of Solr plugin queries without authentication
https://notcve.org/view.php?id=CVE-2023-46819
Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin. This issue affects Apache OFBiz: before 18.12.09. Users are recommended to upgrade to version 18.12.09 Falta autenticación en Apache Software Foundation Apache OFBiz cuando se usa el complemento Solr. Este problema afecta a Apache OFBiz: antes del 18.12.09. Se recomienda a los usuarios actualizar a la versión 18.12.09 • https://lists.apache.org/thread/mm5j0rsbl22q7yb0nmb6h2swbfjbwv99 https://ofbiz.apache.org/download.html https://ofbiz.apache.org/release-notes-18.12.09.html https://ofbiz.apache.org/security.html • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2022-47501 – Apache OFBiz: Arbitrary file reading vulnerability
https://notcve.org/view.php?id=CVE-2022-47501
Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a pre-authentication attack. This issue affects Apache OFBiz: before 18.12.07. • http://www.openwall.com/lists/oss-security/2023/04/18/5 http://www.openwall.com/lists/oss-security/2023/04/18/9 http://www.openwall.com/lists/oss-security/2023/04/19/1 http://www.openwall.com/lists/oss-security/2023/04/19/6 https://lists.apache.org/thread/k8s76l0whydy45bfm4b69vq0mf94p3wc https://ofbiz.apache.org/download.html https://ofbiz.apache.org/security.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29158 – Regular Expression Denial of Service (ReDoS) vulnerability in Apache OFBiz
https://notcve.org/view.php?id=CVE-2022-29158
Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service (ReDoS) in the way it handles URLs provided by external, unauthenticated users. Upgrade to 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12599 Apache OFBiz versiones hasta 18.12.05, es vulnerable a la Denegación de Servicio por Expresión Regular (ReDoS) en la forma en que maneja las URLs proporcionadas por usuarios externos no autenticados. Actualice a versión 18.12.06 o aplique los parches en https://issues.apache.org/jira/browse/OFBIZ-12599 • http://www.openwall.com/lists/oss-security/2022/09/02/5 https://lists.apache.org/thread/7k92rg1o4ql2yw3o0vttkcl2jhq7j928 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29063 – Java Deserialization via RMI Connection from the Solr plugin of Apache OFBiz
https://notcve.org/view.php?id=CVE-2022-29063
The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run arbitrary code. Upgrade to at least 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12646. El plugin Solr de Apache OFBiz está configurado por defecto para realizar automáticamente una petición RMI en localhost, puerto 1099. En versiones 18.12.05 y anteriores, al alojar un servidor RMI malicioso en localhost, un atacante puede explotar este comportamiento, al iniciar el servidor o al reiniciarlo, para ejecutar código arbitrario. • https://github.com/mbadanoiu/CVE-2022-29063 http://www.openwall.com/lists/oss-security/2022/09/02/6 https://lists.apache.org/thread/ytzrjc16pf357zntwk8tjby13kbx9105 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-25813 – Server-Side Template Injection affecting the ecommerce plugin of Apache OFBiz
https://notcve.org/view.php?id=CVE-2022-25813
In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message “Subject” field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible. En Apache OFBiz, versiones 18.12.05 y anteriores, un atacante que actúe como usuario anónimo del plugin de comercio electrónico, puede insertar un contenido malicioso en el campo "Subject" de un mensaje de la página "Contact us". A continuación, un administrador de la fiesta necesita listar las comunicaciones en el componente de la fiesta para activar el SSTI. • https://github.com/mbadanoiu/CVE-2022-25813 http://www.openwall.com/lists/oss-security/2022/09/02/4 https://lists.apache.org/thread/vmj5s0qb59t0lvzf3vol3z1sc3sgyb2b • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •