A brand new zero-day safety flaw has been found within the Apache OfBiz, an open-source Enterprise Useful resource Planning (ERP) system that might be exploited to bypass authentication protections.
The vulnerability, tracked as CVE-2023-51467, resides within the login performance and is the results of an incomplete patch for one more important vulnerability (CVE-2023-49070, CVSS rating: 9.8) that was launched earlier this month.
“The safety measures taken to patch CVE-2023-49070 left the basis difficulty intact and subsequently the authentication bypass was nonetheless current,” the SonicWall Seize Labs menace analysis workforce, which found the bug, stated in an announcement shared with The Hacker Information.
CVE-2023-49070 refers to a pre-authenticated distant code execution flaw impacting variations previous to 18.12.10 that, when efficiently exploited, may permit menace actors to realize full management over the server and siphon delicate knowledge. It’s brought on because of a deprecated XML-RPC part inside Apache OFBiz.
Based on SonicWall, CVE-2023-51467 might be triggered utilizing empty and invalid USERNAME and PASSWORD parameters in an HTTP request to return an authentication success message, successfully circumventing the safety and enabling a menace actor to entry in any other case unauthorized inside sources.
The assault hinges on the truth that the parameter “requirePasswordChange” is about to “Y” (i.e., sure) within the URL, inflicting the authentication to be trivially bypassed whatever the values handed within the username and password fields.
“The vulnerability permits attackers to bypass authentication to realize a easy Server-Aspect Request Forgery (SSRF),” in accordance with an outline of the flaw on the NIST Nationwide Vulnerability Database (NVD).
Customers who depend on Apache OFbiz to replace to model 18.12.11 or later as quickly as potential to mitigate any potential threats.
