OFBiz RCE Vulnerability
Apache OFBiz is an open source enterprise resource planning (ERP) system built on a Java-based web framework. It offers a suite of enterprise applications that integrate and automate many of a business's processes, and it can be used in every industry.
Apache has disclosed CVE-2021-26295, a high severity vulnerability in OFBiz that could allow an unauthenticated attacker to remotely take control of the ERP system. The vulnerability affects all OFBiz versions prior to 17.12.06 and allows unauthorized remote code execution. OFBiz automates enterprise processes and is widely used for accounting, customer relationship management, manufacturing operations management, order management, supply chain fulfillment and warehouse management, among others. By exploiting the flaw, a malicious party could tamper with serialized data, adding code that, when deserialized, could potentially cause remote code execution.
The update can be downloaded at https://ofbiz.apache.org/download.html.
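For detection while the upgrade is being rolled out, the following added example (not code from Apache or from the sources below) flags request bodies that carry a serialized Java object, the kind of data described above. It is a general check for the Java object stream header in raw, hex or base64 form and assumes nothing about the endpoint or encoding involved in this CVE; the request ids and bodies are constructed samples.

```python
import base64
import re

# java.io.ObjectStreamConstants: a stream starts with STREAM_MAGIC 0xACED and
# STREAM_VERSION 0x0005, followed by a type code in TC_BASE..TC_MAX (0x70-0x7E).
MAGIC = b"\xac\xed\x00\x05"
RAW_RE = re.compile(re.escape(MAGIC) + b".", re.S)
HEX_RE = re.compile(rb"aced0005[0-9a-f]{2}", re.I)
B64_RE = re.compile(rb"rO0AB[A-Za-z0-9+/]{3}")
DECODERS = (
    ("raw", RAW_RE, bytes),
    ("hex", HEX_RE, lambda m: bytes.fromhex(m.decode("ascii"))),
    ("base64", B64_RE, base64.b64decode),
)


def is_stream_header(blob):
    """True if blob starts with the stream header and a valid type code."""
    return len(blob) >= 5 and blob[:4] == MAGIC and 0x70 <= blob[4] <= 0x7E


def serialized_java_encodings(body):
    """Return the encodings in which a Java object stream header occurs in body."""
    found = []
    for name, pattern, decode in DECODERS:
        if any(is_stream_header(decode(m.group())) for m in pattern.finditer(body)):
            found.append(name)
    return found


def flag_requests(requests):
    """Return (request id, encodings) for every request carrying an object stream."""
    flagged = [(rid, serialized_java_encodings(body)) for rid, body in requests]
    return [(rid, encodings) for rid, encodings in flagged if encodings]


# Constructed sample data: a harmless serialized String "ok" in three encodings.
SAMPLE_STREAM = MAGIC + b"\x74\x00\x02ok"
SAMPLE_REQUESTS = [
    ("req-1", b"<order><id>1001</id></order>"),
    ("req-2", b"<payload>" + SAMPLE_STREAM.hex().encode() + b"</payload>"),
    ("req-3", b"data=" + base64.b64encode(SAMPLE_STREAM)),
    ("req-4", b"\x00\x01" + SAMPLE_STREAM),
    ("req-5", b"color=aced0005ff"),  # magic bytes but invalid type code
]

if __name__ == "__main__":
    for rid, encodings in flag_requests(SAMPLE_REQUESTS):
        print(rid, "carries a serialized Java object:", ", ".join(encodings))
```

A hit is a reason to inspect the request, not proof of exploitation, because some applications exchange serialized objects legitimately.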
Source:
https://ofbiz.apache.org/download.html#vulnerabilities
https://issues.apache.org/jira/browse/OFBIZ-12167
https://seclists.org/oss-sec/2021/q1/255