1. Summary
| Vulnerability Name | Apache OFBiz Authentication Bypass Vulnerability |
|---|---|
| Release Date | December 28, 2023 |
| Component Name | Apache OFBiz |
| Affected Versions | Apache OFBiz < 18.12.11 |
| Vulnerability Type | Authentication Bypass |
| Severity | CVSS v3 Base Score: 9.8 (Critical) |
| Exploitability | Attack Vector: Network; Attack Complexity: Low; Privileges Required: None; User Interaction: None |
| Impact | Confidentiality Impact: High; Integrity Impact: High; Availability Impact: High |
2. About the Vulnerability CVE-2023-51467
2.1 Introduction
Apache Open For Business (OFBiz) is an open-source enterprise resource planning (ERP) system that provides a suite of enterprise applications for users to manage their financial systems, customer relationships, supply chains, orders, products, and more. With a highly adaptable architecture that can be customized and extended as needed, Apache OFBiz also provides a variety of APIs and plug-ins, which enable developers to build custom business applications in no time.
2.2 Summary
On December 28, 2023, Sangfor FarSight Labs received notification of an authentication bypass vulnerability in Apache OFBiz, identified as CVE-2023-51467 and classified as Critical severity (CVSS score 9.8) by NVD.
This vulnerability is caused by Apache OFBiz’s improper handling of authentication requests. Attackers can exploit this vulnerability to bypass authentication and carry out a Server-Side Request Forgery (SSRF) attack.
CVE-2023-51467 could also be leveraged for remote code execution. This potentially enables attackers to gain unauthorized system access and perform high-level functions, including accessing sensitive data or altering system configurations, effectively granting them the highest admin privileges on a server.
3. Affected Versions
Apache OFBiz < 18.12.11
4. Solutions
4.1 Remediation Solutions
4.1.1 Official Solution
Apache has released a fixed version of OFBiz (18.12.11), and affected users are strongly advised to update to the latest version to remediate the vulnerability. For more information, visit https://ofbiz.apache.org/index.html
4.1.2 Sangfor Solutions
4.1.2.1 Security Monitoring
The following Sangfor products and services perform real-time monitoring of assets affected by the Apache OFBiz authentication bypass vulnerability (CVE-2023-51467):
- Sangfor Cyber Command (Network Detection and Response)
- Sangfor Cyber Guardian (Managed Detection and Response)
4.1.2.2 Security Protection
The following Sangfor products and services provide protection against the Apache OFBiz authentication bypass vulnerability (CVE-2023-51467):
- Sangfor Network Secure (Next-Generation Firewall)
- Sangfor Cyber Guardian (Managed Detection and Response)
5. Timeline
On December 28, 2023, Sangfor FarSight Labs received notification of an Apache OFBiz authentication bypass vulnerability (CVE-2023-51467).
On December 28, 2023, Sangfor FarSight Labs released a vulnerability alert.
On January 4, 2024, Sangfor FarSight Labs released remediation solutions.
6. References
https://www.openwall.com/lists/oss-security/2023/12/26/3
https://nvd.nist.gov/vuln/detail/CVE-2023-51467
7. About Sangfor FarSight Labs
Sangfor FarSight Labs researches the latest cyberthreats and unknown zero-day vulnerabilities, alerting customers to potential dangers to their organizations, and providing real-time solutions with actionable intelligence. Sangfor FarSight Labs works with other security vendors and the security community at large to identify and verify global cyberthreats, providing fast and easy protection for customers.