First published: Tue Dec 26 2023(Updated: )
The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code
Credit: security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
<18.12.11 | ||
Apache OFBiz | =18.12.11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-51467 is rated as critical due to its ability to allow attackers to bypass authentication and execute arbitrary code remotely.
To fix CVE-2023-51467, upgrade Apache OFBiz to version 18.12.11 or a later version.
CVE-2023-51467 affects Apache OFBiz versions prior to 18.12.11, specifically 18.12.10 and earlier.
Yes, CVE-2023-51467 allows attackers to exploit the vulnerability remotely if they can access the application.
CVE-2023-51467 is an authentication bypass vulnerability that enables arbitrary code execution.