Critical Apache OFBiz Vulnerability Allows Preauth RCE

The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers a wide avenue into enterprise applications for cyberattackers.

Tara Seals, Managing Editor, News, Dark Reading

August 5, 2024

1 Min Read
A thief in a black ski mask stealing a laptop
Brian Jackson via Alamy Stock Photo

A critical pre-authentication remote code execution (RCE) security vulnerability in Apache OFBiz could open organizations to data theft, lateral movement by threat actors into various applications and parts of their networks, and more.

The bug, tracked as CVE-2024-38856, carries a notably high CVSS score of 9.8, given how impactful exploitation could be. Apache OFBiz is an open source enterprise resource planning (ERP) system that has highly privileged access to various business processes for the purpose of single-pane management and automation; these can include accounting, human resources, customer relationship management, order management, manufacturing and e-commerce.

CVE-2024-38856 exists in the override view functionality, and can allow threat actors to access critical endpoints using a crafted request, according to the SonicWall Capture Labs threat research team, which discovered the vulnerability and shared its details with Dark Reading.

To protect their organizations, admins should upgrade their implementations to version 18.12.15 or newer.

OFBiz customers number around 170 and include some heavy hitters, such as Atlassian JIRA, Home Depot, United Airlines, and Upwork Global, according to SonicWall.

About the Author

Tara Seals, Managing Editor, News, Dark Reading

Tara Seals, Managing Editor, News, Dark Reading

Tara Seals has 20+ years of experience as a journalist, analyst and editor in the cybersecurity, communications and technology space. Prior to Dark Reading, Tara was Editor in Chief at Threatpost, and prior to that, the North American news lead for Infosecurity Magazine. She also spent 13 years working for Informa (formerly Virgo Publishing), as executive editor and editor-in-chief at publications focused on both the service provider and the enterprise arenas. A Texas native, she holds a B.A. from Columbia University, lives in Western Massachusetts with her family and is on a never-ending quest for good Mexican food in the Northeast.

See more from Tara Seals, Managing Editor, News, Dark Reading
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

A person's finger about to click on a screen that says Windows 11 with a blue abstract background behind it
Vulnerabilities & Threats
PoC Exploit for Zero-Click Vulnerability Made Available to the MassesPoC Exploit for Zero-Click Vulnerability Made Available to the Masses
byDark Reading Staff
Aug 27, 2024
1 Min Read
Person holding a cellphone; black background
Vulnerabilities & Threats
How Telecom Vulnerabilities Can Be a Threat to Cybersecurity PostureHow Telecom Vulnerabilities Can Be a Threat to Cybersecurity Posture
byAyan Halder
Aug 29, 2024
5 Min Read
CCTV control room
ICS/OT Security
CCTV Zero-Day Exposes Critical Infrastructure to Mirai BotnetCCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet
byBecky Bracken, Senior Editor, Dark Reading
Aug 28, 2024
1 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Events
More Events