The Shadowserver Foundation has been seeing attempts to exploit a critical vulnerability affecting the Apache OFBiz open source enterprise resource planning (ERP) system.
Apache OFBiz is leveraged by several ERP and other types of projects, including the widely used Atlassian Jira issue tracking and project management software.
The nonprofit cybersecurity organization Shadowserver reported seeing signs of in-the-wild exploitation for an Apache OFBiz vulnerability tracked as CVE-2023-49070 shortly after details of a different OFBiz bug, CVE-2023-51467, were disclosed by SonicWall.
[...]
Critical Apache OFBiz Vulnerability in Attacker Crosshairs
Critical Apache OFBiz Vulnerability in Attacker Crosshairs
-
- President
- Posts: 291
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
Critical Apache OFBiz Vulnerability in Attacker Crosshairs
Robert B. Carleton + ISC2 Central Mississippi President