Infosecurity-magazine.com

Critical Vulnerability in Apache OFBiz Requires Immediate Patching

Organizations utilizing Apache OFBiz have been warned to promptly address a critical vulnerability due to escalating exploitation attempts targeting a recently identified security flaw. Tracked as CVE ...
Dark Reading

Critical Apache OFBiz Vulnerability Allows Preauth RCE

A critical pre-authentication remote code execution (RCE) security vulnerability in Apache OFBiz could open organizations to data theft, lateral movement by threat actors into various applications and ...
Dark Reading

Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges

CISA has added a critical security flaw in the Apache OFBiz open source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog. Apache OFBiz is a system that ...
Bleeping Computer

CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks

Among them are flaws impacting Microsoft .NET Framework and Apache OFBiz (Open For Business), two widely used software applications. Though the agency has marked those flaws as actively exploited in ...
Bleeping Computer

CISA warns about actively exploited Apache OFBiz RCE flaw

The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a ...
CSOonline

New critical Apache OFBiz vulnerability patched as older flaw is actively exploited

Researchers discovered a new RCE flaw while analyzing the patch for a different flaw currently targeted by attackers. As the fifth critical flaw this year for the ERP framework, users are urged to ...
CSOonline

Apache OFBiz patches new critical remote code execution flaw

The vulnerability represents a bypass of fixes put in place this year for three critical RCE flaws that had the same root cause and have since been used in attacks. Developers of Apache OFBiz, an open ...