Known Exploited Vulnerability
CVSS 3.1 score: 9.8 (CRITICAL)
CVE-2024-38856
Apache OFBiz Incorrect Authorization Vulnerability - [Actively Exploited]
Description

Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check user's permissions because they rely on the configuration of their endpoints).

INFO

Published Date: Aug. 5, 2024, 9:15 a.m.
Last Modified: Aug. 28, 2024, 4:15 p.m.
Remotely Exploitable: Yes
Impact Score: 5.9
Exploitability Score: 3.9

CISA Notification
CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Description :

Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthenticated attacker.

Required Action :

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes :

This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/[email protected]:lte=1M:CVE-2024-38856

Public PoC/Exploit Available on GitHub

CVE-2024-38856 has 20 public PoCs/exploits available on GitHub. The Public Exploits section below lists them.

Affected Products

The following products are affected by the CVE-2024-38856 vulnerability. Although cvefeed.io is aware of the exact affected versions of these products, that information is not shown in the table below.

ID  Vendor  Product  Action
1   Apache  ofbiz
References to Advisories, Solutions, and Tools

Here you will find a curated list of external links that provide in-depth information, practical solutions, and useful tools related to CVE-2024-38856.

URL                                                               Resource
https://issues.apache.org/jira/browse/OFBIZ-13128                 Issue Tracking
https://lists.apache.org/thread/olxxjk6b13sl3wh9cmp0k2dscvp24l7w  Mailing List, Vendor Advisory
https://ofbiz.apache.org/download.html                            Product
https://ofbiz.apache.org/security.html                            Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. The following list is a collection of public exploits and proofs-of-concept that have been published on GitHub (sorted by most recently updated).

(no description)
Updated: 1 week, 2 days ago
0 stars, 0 forks, 0 watchers
Created: Sept. 9, 2024, 1:28 a.m. This repo has been linked to 128 different CVEs.

(no description)
Languages: HTML
Updated: 1 week, 1 day ago
0 stars, 0 forks, 0 watchers
Created: Sept. 4, 2024, 9:24 a.m. This repo has been linked to 128 different CVEs.

Apache OFBiz CVE-2024-38856
Languages: Go
Updated: 1 week, 5 days ago
2 stars, 0 forks, 0 watchers
Created: Aug. 28, 2024, 3:17 a.m. This repo has been linked to 1 CVE.

Nuclei template to scan for Apache Ofbiz affecting versions before 18.12.15
Updated: 2 weeks, 6 days ago
0 stars, 0 forks, 0 watchers
Created: Aug. 27, 2024, 9:16 p.m. This repo has been linked to 1 CVE.

CVE-2024-38856 Exploit
Languages: Shell
Updated: 1 week, 4 days ago
9 stars, 1 fork, 1 watcher
Created: Aug. 22, 2024, 4:05 a.m. This repo has been linked to 2 different CVEs.

Exploit for CVE-2024-38856 affecting Apache OFBiz versions before 18.12.15
Languages: Python
Updated: 2 weeks, 1 day ago
1 star, 1 fork, 1 watcher
Created: Aug. 18, 2024, 3:19 p.m. This repo has been linked to 1 CVE.

Tiger is a tool for fingerprinting key systems among target assets and performing precise vulnerability scanning during attack-and-defense exercises. It is an excellent tool for gaining an initial foothold.
Updated: 1 week, 6 days ago
56 stars, 5 forks, 5 watchers
Created: Aug. 18, 2024, 7:19 a.m. This repo has been linked to 29 different CVEs.

Perform With Massive Apache OFBiz Zero-Day Scanner & RCE
Languages: Python
Updated: 4 weeks, 1 day ago
2 stars, 1 fork, 1 watcher
Created: Aug. 10, 2024, 3:05 a.m. This repo has been linked to 1 CVE.

Mass Exploit - CVE-2024-38856 [Remote Code Execution]
Languages: Python
Updated: 1 month, 1 week ago
0 stars, 0 forks, 0 watchers
Created: Aug. 9, 2024, 11:26 a.m. This repo has been linked to 1 CVE.

Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)
Topics: apache, apache-ofbiz, cve-scanning, exploit, exploitation, rce-exploit, rce-scanner
Languages: Python
Updated: 1 week, 4 days ago
33 stars, 8 forks, 8 watchers
Created: Aug. 8, 2024, 2:40 a.m. This repo has been linked to 1 CVE.

(no description)
Languages: Python, Shell, C++
Updated: 1 month ago
2 stars, 0 forks, 0 watchers
Created: Aug. 5, 2024, 9:16 a.m. This repo has been linked to 4 different CVEs.

(no description)
Languages: HTML
Updated: 1 month ago
5 stars, 0 forks, 0 watchers
Created: Aug. 2, 2024, 6:07 a.m. This repo has been linked to 123 different CVEs.

The POCs in this project come from reproductions of high-risk vulnerabilities reported by major threat-intelligence sources since 2024. The POCs have been weaponized as nuclei or xray templates. This project aims to provide some reference material for cybersecurity enthusiasts and may be used for personal research. Let us encourage one another.
Languages: Shell, Batchfile, Python, ASP.NET, Java, Classic ASP, PHP
Updated: 1 week, 4 days ago
200 stars, 34 forks, 34 watchers
Created: May 8, 2024, 11:50 a.m. This repo has been linked to 21 different CVEs.

Apache OfBiz vulns
Updated: 2 weeks, 1 day ago
7 stars, 2 forks, 2 watchers
Created: April 10, 2024, 1:22 p.m. This repo has been linked to 3 different CVEs.

A collection of vulnerability EXP/POCs, most of them sourced from the internet. More than 1,000 poc/exp have been collected and organized so far, with long-term updates.
Updated: 1 week, 2 days ago
3420 stars, 699 forks, 699 watchers
Created: Aug. 19, 2023, 12:08 p.m. This repo has been linked to 125 different CVEs.

Results are limited to the first 15 repositories due to potential performance issues.

The following list contains news articles that mention the CVE-2024-38856 vulnerability anywhere in the article.

  • Cybersecurity News
    Ajina.Banker: Unmasking the Android Malware Targeting Central Asian Banks
    Cybersecurity analysts at Group-IB have uncovered a sophisticated malware campaign targeting bank customers in Central Asia. Dubbed “Ajina.Bank ...
    Published Date: Sep 16, 2024

  • TheCyberThrone
    Apache OFBiz Vulnerability CVE-2024-45195 actively exploited
    Apache OFBiz has got a security update for a flaw CVE-2024-45195 with a CVSS score of 7.5 that allows attackers to bypass authorization checks and execute arbitrary code on the server, even without v ...
    Published Date: Sep 13, 2024

  • Cybersecurity News
    Hackers target Apache OFBiz RCE flaw CVE-2024-45195 after PoC exploit released
    According to a report from Imperva, over 25,000 malicious requests targeting 4,000 unique sites have been detected since the CVE-2024-45195 vulnerability in Apache OFBiz was disclosed. Th ...
    Published Date: Sep 13, 2024

  • security.nl
    Apache fixes critical RCE vulnerability in ERP solution OFBiz
    Apache has fixed a critical vulnerability in the ERP solution OFBiz that allowed an unauthenticated attacker to remotely execute code on the ERP system. Recently, two other ...
    Published Date: Sep 06, 2024

  • The Cyber Express
    Critical RCE Vulnerability Patched in Apache OFBiz (CVE-2024-45195)
    Popular open-source enterprise Resource Planning (ERP) system, Apache OFBiz, was recently discovered harboring a critical Remote Code Execution (RCE) vulnerability. Tracked as CVE-2024-45195, the Apache O ...
    Published Date: Sep 06, 2024

  • Help Net Security
    Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
    For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code ...
    Published Date: Sep 06, 2024

  • The Hacker News
    Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution
    A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning (ERP) system that, if successfully exploited, could lead to unauthenti ...
    Published Date: Sep 06, 2024

  • BleepingComputer
    Apache fixes critical OFBiz remote code execution vulnerability
    Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers. ...
    Published Date: Sep 05, 2024

  • Cybersecurity News
    Revival Hijack: A New PyPI Hijacking Technique Threatens Thousands of Packages
    The JFrog security research team has uncovered a novel PyPI package hijacking method known as “Revival Hijack,” which has put over 22,000 packages at risk of exploitation. Unlike traditional typosquat ...
    Published Date: Sep 05, 2024

  • Cybersecurity News
    Publicly Exposed GenAI Development Services Raise Serious Security Concerns
    A new report released by Legit Security has raised significant concerns about the security posture of publicly accessib ...
    Published Date: Sep 03, 2024

  • Cybersecurity News
    Proof-of-Concept Exploit Released for WhatsUp Gold Authentication Bypass (CVE-2024-6670)
    Researcher Sina Kheirkhah of the Summoning Team has published the technical details and a proof-of-concept (PoC) exploit for a critical vulnerability, identified as CVE-2024-6670, affecting Progress S ...
    Published Date: Sep 02, 2024

  • The Register
    Check your IP cameras: There's a new Mirai botnet on the rise
    A series of IP cameras still used all over the world, despite being well past their end of life, have been exploited to create a new Mirai botnet. The vulnerability (CVSS 8.7, CVE-2024-7029) ...
    Published Date: Aug 31, 2024

  • Dark Reading
    Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges
    CISA has added a critical security flaw in the Apache OFBiz open source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catal ...
    Published Date: Aug 29, 2024
  • security.nl
    Apache OFBiz ERP systems once again the target of attacks
    Apache OFBiz ERP systems are once again the target of attacks, warns the Cybersecurity and Infrastructure Security Agency (CISA) of the US Department of Homeland Security. OFBiz ...
    Published Date: Aug 28, 2024

  • The Cyber Express
    Critical Apache OFBiz Vulnerability CVE-2024-38856 Identified and Actively Exploited
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a security vulnerability affecting Apache OFBiz, the open-source enterprise resource planning (ERP) system. This Apache OFB ...
    Published Date: Aug 28, 2024

  • The Hacker News
    CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource ...
    Published Date: Aug 28, 2024

  • TheCyberThrone
    WordPress WPML Plugin Critical Vulnerability CVE-2024-6386
    Researchers have uncovered a critical vulnerability in WPML multilingual CMS Plugin for WordPress that leads to a Remote Code Execution, which potentially allows the compromise of impacted websites. Th ...
    Published Date: Aug 28, 2024

  • TheCyberThrone
    CISA adds Apache OFBiz Vulnerability CVE-2024-38856 to KEV Catalog
    The U.S. CISA adds Apache OFBiz vulnerability to its KEV catalog following the mass exploitation. CVE-2024-38856: Apache OFBiz Incorrect Authorization Vulnerability: Apache OFBiz contains an incorrect ...
    Published Date: Aug 28, 2024

  • Cybersecurity News
    CISA Warns of Actively Exploited Apache OFBiz CVE-2024-38856 Vulnerability, PoC Available
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited security flaw in Apache OFBiz, a popular open-source enterp ...
    Published Date: Aug 27, 2024

  • Cybersecurity News
    Log4j Exploited Again: New Campaign Targets Vulnerable Systems with Crypto-Mining and Backdoors
    Despite its discovery over two years ago, the Log4j vulnerability, known as Log4Shell (CVE-2021-44228), continues to pose a significant threat to global cybersecurity. A recent report from Datadog Sec ...
    Published Date: Aug 22, 2024

  • Cybersecurity News
    Gafgyt Botnet: Now Exploiting GPU Power in Cloud-Native Environments
    Researchers at Aqua Nautilus have identified a new variant of the Gafgyt botnet that represents a significant evolution in malware targeting strategies. Origin ...
    Published Date: Aug 19, 2024

  • Cybersecurity News
    Google Pixel Phones Exposed: Millions at Risk Due to Pre-Installed App Vulnerability
    Cybersecurity researchers at iVerify, in collaboration with Palantir Technologies and Trail of Bits, have uncovered a significant vulnerability in millions of Google Pixel devices worldwide. The flaw, ...
    Published Date: Aug 16, 2024

  • Cybersecurity News
    CVE-2024-42479 (CVSS 10) in Popular Python Package llama_cpp_python Exposes Millions to RCE
    A severe security vulnerability has been discovered in the widely-used AI library llama_cpp_python, potentially allowing threat actors to execute malicious code on affected sys ...
    Published Date: Aug 15, 2024

  • Cybersecurity News
    CVE-2024-36877 in MSI Motherboards Opens Door to Code Execution Attacks, PoC Published
    MSI, a leading manufacturer of computer hardware, has recently disclosed a critical vulnerability, tracked as CVE-2024-36877, that affects a wide range of its motherboards. The vulnerability, residing ...
    Published Date: Aug 15, 2024

  • Cybersecurity News
    SAP Security Patch Day – August 2024: CVE-2024-41730 (CVSS 9.8) Vulnerability Exposes Systems to Full Control Exploit
    SAP has released its monthly security patches for August 2024, addressing a range of vulnerabilities across its extensive product portfolio. The update includes fixes for 17 new security notes and 8 u ...
    Published Date: Aug 13, 2024

  • Cybersecurity News
    Dark Skippy: New Threat Steals Secret Keys from Signing Devices
    A serious security threat called Dark Skippy has emerged in the cryptocurrency world. This method allows malicious actors to extract private keys from transaction signing devices, such as hardware wal ...
    Published Date: Aug 12, 2024
  • Help Net Security
    Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast
    Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: August 2024 Patch Tuesday forecast: Looking for a calm August release August 2024 July ended up being ...
    Published Date: Aug 11, 2024

  • BleepingComputer
    CISA warns about actively exploited Apache OFBiz RCE flaw
    The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a ...
    Published Date: Aug 08, 2024

  • Cybersecurity News
    PoC Exploit Released for Apache OFBiz Remote Code Execution Flaw (CVE-2024-38856)
    Today, cybersecurity researcher Zeyad Azima from SecureLayer7 and Youssef Muhammad have published a proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-38856) in the Apache OFBi ...
    Published Date: Aug 08, 2024

  • Cybersecurity News
    CVE-2024-21302, CVE-2024-38202: Zero-Day Vulnerabilities Expose Windows Systems to “Unpatching” Attacks
    At Black Hat 2024, security researcher Alon Leviev from SafeBreach unveiled two zero-day vulnerabilities (CVE-2024-21302, CVE-2024-38202) that could be exploited to reverse patches ...
    Published Date: Aug 08, 2024

  • TheCyberThrone
    Google Fixes Android Zeroday Vulnerability CVE-2024-36971
    Google has released patches for 46 bugs affecting its Android operating system in its August 2024 security update. This includes an actively exploited kernel vulnerability tracked as CVE-2024-36971 af ...
    Published Date: Aug 07, 2024

  • TheCyberThrone
    CISA adds CVE-2018-0824 to its KEV Catalog
    The U.S. CISA added a deserialization of untrusted data vulnerability in Microsoft COM for Windows, tracked as CVE-2018-0824 with a CVSS score of 7.5, to its Known Exploited Vulnerabilities (KEV) cata ...
    Published Date: Aug 06, 2024

  • TheCyberThrone
    Apache InLong fixes Critical Vulnerability CVE-2024-36268
    The Apache InLong project has issued a security advisory regarding a critical vulnerability discovered in its TubeMQ component, a code injection flaw that could allow remote attackers to exe ...
    Published Date: Aug 06, 2024

  • Help Net Security
    Researchers unearth MotW bypass technique used by threat actors for years
    Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick ...
    Published Date: Aug 06, 2024

  • Cyber Security News
    Apache OFBiz Zero-Day Vulnerability Let Attackers Execute Remote Code
    A critical zero-day vulnerability in Apache OFBiz, an open-source enterprise resource planning (ERP) system, has been discovered that could allow unauthenticated attackers to execute arbitrary code re ...
    Published Date: Aug 06, 2024

  • The Hacker News
    New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution
    A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system t ...
    Published Date: Aug 06, 2024

  • Dark Reading
    Critical Apache OfBiz Vulnerability Allows Preauth RCE
    A critical pre-authentication remote code execution (RCE) security vulnerability in Apache OFBiz could open organizations to data theft, lateral movement by threat a ...
    Published Date: Aug 05, 2024

  • TheCyberThrone
    Apache OFBiz fixes CVE-2024-38856
    Apache OFBiz has released an urgent security advisory due to the potential for unauthorized code execution. The vulnerability tracked as CVE-2024-38856 stems from an incorrect authorization handling wi ...
    Published Date: Aug 05, 2024

  • Help Net Security
    Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)
    CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute arbitrary code on vulner ...
    Published Date: Aug 05, 2024

The following table lists the changes that have been made to the CVE-2024-38856 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected] (Aug. 28, 2024)

    Action   Type                 Old Value                                                                              New Value
    Added    CVSS V3.1                                                                                                   NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed  Reference Type       https://issues.apache.org/jira/browse/OFBIZ-13128 No Types Assigned                    https://issues.apache.org/jira/browse/OFBIZ-13128 Issue Tracking
    Changed  Reference Type       https://lists.apache.org/thread/olxxjk6b13sl3wh9cmp0k2dscvp24l7w No Types Assigned     https://lists.apache.org/thread/olxxjk6b13sl3wh9cmp0k2dscvp24l7w Mailing List, Vendor Advisory
    Changed  Reference Type       https://ofbiz.apache.org/download.html No Types Assigned                               https://ofbiz.apache.org/download.html Product
    Changed  Reference Type       https://ofbiz.apache.org/security.html No Types Assigned                               https://ofbiz.apache.org/security.html Vendor Advisory
    Added    CPE Configuration                                                                                           OR *cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* versions up to (including) 18.12.15

  • CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725 (Aug. 28, 2024)

    Action   Type                 Old Value   New Value
    Added    Vulnerability Name               Apache OFBiz Incorrect Authorization Vulnerability
    Added    Required Action                  Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
    Added    Due Date                         2024-09-17
    Added    Date Added                       2024-08-27

  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Aug. 06, 2024)

    Action   Type                 Old Value   New Value
    Added    CVSS V3.1                        CISA-ADP AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

  • CVE Received by [email protected] (Aug. 05, 2024)

    Action   Type                 Old Value   New Value
    Added    Description                      Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check user's permissions because they rely on the configuration of their endpoints).
    Added    Reference                        Apache Software Foundation https://ofbiz.apache.org/download.html [No types assigned]
    Added    Reference                        Apache Software Foundation https://ofbiz.apache.org/security.html [No types assigned]
    Added    Reference                        Apache Software Foundation https://lists.apache.org/thread/olxxjk6b13sl3wh9cmp0k2dscvp24l7w [No types assigned]
    Added    Reference                        Apache Software Foundation https://issues.apache.org/jira/browse/OFBIZ-13128 [No types assigned]
    Added    CWE                              Apache Software Foundation CWE-863

EPSS - Exploit Prediction Scoring System

EPSS is a daily estimate of the probability that exploitation activity will be observed over the next 30 days. The following chart shows the EPSS score history of the vulnerability.

[EPSS score history chart]

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-38856 is associated with the following CWEs:

CWE-863: Incorrect Authorization

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the weaknesses behind CVE-2024-38856.


CVSS 3.1 - Vulnerability Scoring System
(values taken from the NIST CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H recorded in the change history above)

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High