Critical Apache OFBiz Vulnerability in Attacker Crosshairs

Industry news
Post Reply
rbc
President
Posts: 291
Joined: Mon Oct 30, 2023 1:32 am
Location: Vicksburg, MS
ISC2 Member Status: Yes
Contact:

Critical Apache OFBiz Vulnerability in Attacker Crosshairs

Post by rbc »

The Shadowserver Foundation has been seeing attempts to exploit a critical vulnerability affecting the Apache OFBiz open source enterprise resource planning (ERP) system.

Apache OFBiz is leveraged by several ERP and other types of projects, including the widely used Atlassian Jira issue tracking and project management software.

The nonprofit cybersecurity organization Shadowserver reported seeing signs of in-the-wild exploitation for an Apache OFBiz vulnerability tracked as CVE-2023-49070 shortly after details of a different OFBiz bug, CVE-2023-51467, were disclosed by SonicWall.
[...]
Critical Apache OFBiz Vulnerability in Attacker Crosshairs
Robert B. Carleton + ISC2 Central Mississippi President
Post Reply