About the Vulnerability
Introduction
Apache OFBiz is a highly flexible business application suite that can be used in any industry. Its generic architecture allows developers to easily extend or enhance it to create custom features.
Summary
On November 19, 2024, Sangfor FarSight Labs received notification of a Remote Code Execution vulnerability (CVE-2024-47208) in an Apache OFBiz component, classified as high in threat level.
In versions of OFBiz prior to 18.12.17, improper permission controls allow attackers to craft malicious requests that execute arbitrary code through server-side request forgery (SSRF), leading to server compromise.
Affected Versions
Apache OFBiz < 18.12.17
Solutions
Remediation Solutions
Check the System Version
The current server version is usually displayed in the right-hand corner of the web page.
Official Solution
The latest version has been officially released to fix the vulnerability.
Affected users are strongly advised to update Apache OFBiz to the latest version (18.12.17 or later).
Download link: https://ofbiz.apache.org/download.html
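The version check above is easy to do by hand for one server but tedious across a fleet. The following is an added example (not Sangfor's or the OFBiz project's code) that applies the advisory's affected range (any version below 18.12.17) to a list of version strings, such as banners copied from the web page or an asset inventory. The inventory contents and hostnames are constructed for illustration.

```python
import re

# First fixed release stated in the advisory: anything older is in scope for CVE-2024-47208.
FIXED_VERSION = (18, 12, 17)

def parse_version(text):
    """Extract the numeric MAJOR.MINOR.PATCH tuple from an OFBiz version string.

    Accepts forms such as '18.12.16', 'Release 18.12.11' or 'Apache OFBiz 18.12.17'.
    Returns None when no three-component dotted version is present, so callers
    can treat the host as unknown instead of silently assuming it is safe.
    """
    match = re.search(r'(\d+)\.(\d+)\.(\d+)', text)
    if not match:
        return None
    return tuple(int(part) for part in match.groups())

def is_affected(version_text):
    """True when the reported version is older than 18.12.17."""
    version = parse_version(version_text)
    if version is None:
        raise ValueError(f"no version found in {version_text!r}")
    # Tuple comparison is component-wise, so 18.12.9 < 18.12.17 and 17.12.7 < 18.12.17.
    return version < FIXED_VERSION

# Constructed sample inventory: hostname -> version banner as seen on the page.
SAMPLE_INVENTORY = {
    "erp-prod-01.example.internal": "Apache OFBiz Release 18.12.16",
    "erp-prod-02.example.internal": "Apache OFBiz Release 18.12.17",
    "erp-legacy.example.internal":  "OFBiz 17.12.07",
    "erp-staging.example.internal": "version unavailable",
}

def triage(inventory):
    """Classify each host as AFFECTED, PATCHED or UNKNOWN for follow-up."""
    result = {}
    for host, banner in inventory.items():
        version = parse_version(banner)
        if version is None:
            result[host] = "UNKNOWN"
        elif version < FIXED_VERSION:
            result[host] = "AFFECTED"
        else:
            result[host] = "PATCHED"
    return result

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{status:9} {host}")
```

Hosts reported as UNKNOWN still need a manual check; a missing banner is not evidence that the server is patched.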
Sangfor Solutions
Risky Assets Detection
Proactive detection of Apache OFBiz is supported, and affected assets for this event can be identified in batch across business environments. Related products are as follows:
[Sangfor CWPP] has released a detection scheme with Fingerprint ID: 0004890.
[Sangfor Host Security] has released a detection scheme with Fingerprint ID: 0004890.
Timeline
On November 19, 2024, Sangfor FarSight Labs received notification of Apache OFBiz Remote Code Execution vulnerability.
On November 19, 2024, Sangfor FarSight Labs released a vulnerability alert.