RULE(RULE ID:337739)

Rule General Information
Release Date: 2023-12-08
Rule Name: Apache Ofbiz 18.12.09 Remote Code Execution Vulnerability (CVE-2023-49070)
Severity:
CVE ID:
Rule Protection Details
Description: Apache OFBiz is an Enterprise Resource Planning (ERP) system developed by the Apache Software Foundation. It provides a comprehensive set of Java-based web application components and tools. Versions of Apache OFBiz prior to 18.12.10 contain a code injection vulnerability. The flaw stems from an incomplete fix for the related CVE-2020-9496 vulnerability in the XML-RPC component: an attacker can bypass the permission check and exploit the original issue again. XML-RPC is no longer maintained, and Apache OFBiz has removed it in its latest release, version 18.12.10; earlier versions remain susceptible to this vulnerability.
Impact: A successful exploit lets an attacker execute arbitrary code in the context of the vulnerable software.
Affected OS: Windows, Linux, Others
Reference: https://ofbiz.apache.org/download.html
https://ofbiz.apache.org/security.html
https://ofbiz.apache.org/release-notes-18.12.10.html
https://issues.apache.org/jira/browse/OFBIZ-12812
Solutions
Refer to the announcement or patch by the vendor: https://lists.apache.org/thread/jmbqk2lp4t4483whzndp5xqlq4f3otg3