CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2022-25371 – Unauth Path Traversal with file corruption affecting the Birt plugin of Apache OFBiz
https://notcve.org/view.php?id=CVE-2022-25371
Apache OFBiz uses the Birt project plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. By leveraging a bug in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142) it is possible to perform a remote code execution (RCE) attack in Apache OFBiz, release 18.12.05 and earlier. Apache OFBiz usa el plugin del proyecto Birt (https://eclipse.github.io/birt-website/) para crear visualizaciones de datos e informes. Aprovechando un bug en Birt (https://bugs.eclipse.org/bugs/show_bug.cgi? • http://www.openwall.com/lists/oss-security/2022/09/02/7 http://www.openwall.com/lists/oss-security/2022/09/03/1 http://www.openwall.com/lists/oss-security/2022/09/08/2 https://lists.apache.org/thread/bvp3sczqq863lxr1wh7wjvdtjbkcwspq • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25370 – Unauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz
https://notcve.org/view.php?id=CVE-2022-25370
Apache OFBiz uses the Birt plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142), an unauthenticated malicious user could perform a stored XSS attack in order to inject a malicious payload and execute it using the stored XSS. Apache OFBiz usa el plugin Birt (https://eclipse.github.io/birt-website/) para crear visualizaciones de datos e informes. En Apache OFBiz, versión 18.12.05 y anteriores, aprovechando una vulnerabilidad en Birt (https://bugs.eclipse.org/bugs/show_bug.cgi? • http://www.openwall.com/lists/oss-security/2022/09/02/8 http://www.openwall.com/lists/oss-security/2022/09/03/1 https://lists.apache.org/thread/vrvzokvxqtc4t6d7g8xgz89xpxcvjofh • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25958 – Generation of Error Message Containing Sensitive Information in Apache OFBiz
https://notcve.org/view.php?id=CVE-2021-25958
In Apache Ofbiz, versions v17.12.01 to v17.12.07 implement a try catch exception to handle errors at multiple locations but leaks out sensitive table info which may aid the attacker for further recon. A user can register with a very long password, but when he tries to login with it an exception occurs. En Apache Ofbiz, las versiones v17.12.01 a v17.12.07, implementan una excepción try catch para manejar errores en múltiples ubicaciones, pero filtran información confidencial de la tabla que puede ayudar al atacante para su posterior reconocimiento. Un usuario puede registrarse con una contraseña muy larga, pero cuando intenta iniciar sesión con ella es producida una excepción. • https://github.com/apache/ofbiz-framework/commit/2f5b8d33e32c4d9a48243cf9e503236acd5aec5c https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25958 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-37608 – Arbitrary file upload vulnerability in OFBiz
https://notcve.org/view.php?id=CVE-2021-37608
Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands. This issue affects Apache OFBiz version 17.12.07 and prior versions. Upgrade to at least 17.12.08 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12297. Una vulnerabilidad de Carga sin Restricciones de Archivos de Tipo Peligroso en Apache OFBiz, permite a un atacante ejecutar comandos remotos. Este problema afecta a Apache OFBiz versión 17.12.07 y versiones anteriores. • https://lists.apache.org/thread.html/r164c91c47d638869c38e41b3ce501ecaa71f385939f098b2e04df049%40%3Cnotifications.ofbiz.apache.org%3E https://lists.apache.org/thread.html/r21f76ccb0fca2e2b236328d91b9d4b760352fae6293d5275f1c25a3a%40%3Cnotifications.ofbiz.apache.org%3E https://lists.apache.org/thread.html/r23d04e9c477c3547f6cc87f11626899617927053bbac15b72645ac7b%40%3Ccommits.ofbiz.apache.org%3E https://lists.apache.org/thread.html/r3f1046dccb61568ca8d871f4527f274b2a531e0865fbe2c9afbfecce%40%3Cnotifications.ofbiz.apache.org%3E https://lists.apache.org/thread.html/r5899ec8324d961863e162b75679309ba4ebe9dbd • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 75%CPEs: 1EXPL: 1CVE-2021-30128 – Unsafe deserialization in Apache OFBiz
https://notcve.org/view.php?id=CVE-2021-30128
Apache OFBiz has unsafe deserialization prior to 17.12.07 version Apache OFBiz, presenta una deserialización no segura, anterior a versión 17.12.07 • https://github.com/LioTree/CVE-2021-30128-EXP http://www.openwall.com/lists/oss-security/2021/04/27/5 https://lists.apache.org/thread.html/r078351a876ed284ba667b33aba29428d7308a5bd4df78f14a3df6661%40%3Cnotifications.ofbiz.apache.org%3E https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d%40%3Ccommits.ofbiz.apache.org%3E https://lists.apache.org/thread.html/rab718cfe6468085d7560c0c1ae816841e175886199f42e36efb8d735%40%3Cnotifications.ofbiz.apache.org%3E https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e291993 • CWE-502: Deserialization of Untrusted Data •