A brand new zero-day safety flaw has been found within the Apache OfBiz, an open-source Enterprise Useful resource Planning (ERP) system that may very well be exploited to bypass authentication protections.
The vulnerability, tracked as CVE-2023-51467, resides within the login performance and is the results of an incomplete patch for one more crucial vulnerability (CVE-2023-49070, CVSS rating: 9.8) that was launched earlier this month.
“The safety measures taken to patch CVE-2023-49070 left the foundation challenge intact and subsequently the authentication bypass was nonetheless current,” the SonicWall Seize Labs risk analysis workforce, which found the bug, mentioned in an announcement shared with The Hacker Information.
CVE-2023-49070 refers to a pre-authenticated distant code execution flaw impacting variations previous to 18.12.10 that, when efficiently exploited, may enable risk actors to realize full management over the server and siphon delicate information. It’s brought on resulting from a deprecated XML-RPC element inside Apache OFBiz.
Based on SonicWall, CVE-2023-51467 may very well be triggered utilizing empty and invalid USERNAME and PASSWORD parameters in an HTTP request to return an authentication success message, successfully circumventing the safety and enabling a risk actor to entry in any other case unauthorized inner assets.
The assault hinges on the truth that the parameter “requirePasswordChange” is ready to “Y” (i.e., sure) within the URL, inflicting the authentication to be trivially bypassed whatever the values handed within the username and password fields.
“The vulnerability permits attackers to bypass authentication to realize a easy Server-Facet Request Forgery (SSRF),” in keeping with an outline of the flaw on the NIST Nationwide Vulnerability Database (NVD).
Customers who depend on Apache OFbiz to replace to model 18.12.11 or later as quickly as attainable to mitigate any potential threats.
