A zero-day security flaw has been discovered in Apache OFBiz, an open-source Enterprise Resource Planning (ERP) system. The vulnerability, identified as CVE-2023-51467, could be exploited to circumvent authentication safeguards.

The flaw is rooted in the system's login functionality and stems from an incomplete patch for another critical vulnerability, CVE-2023-49070, which carries a CVSS score of 9.8. That fix, issued earlier this month, left the underlying issue unresolved, so an authentication bypass remained possible.

The SonicWall Capture Labs threat research team, responsible for uncovering this vulnerability, noted that the security measures implemented to rectify CVE-2023-49070 failed to address the core problem, resulting in the persistence of the authentication bypass.

CVE-2023-49070 relates to a pre-authenticated remote code execution flaw that affects versions of Apache OFBiz preceding 18.12.10. Successfully exploiting this flaw could grant malicious actors full control over the server, facilitating the extraction of sensitive data. The root cause of CVE-2023-49070 lies in a deprecated XML-RPC component within Apache OFBiz.

SonicWall has detailed that CVE-2023-51467 can be triggered by utilizing empty and invalid USERNAME and PASSWORD parameters in an HTTP request. This manipulation prompts the system to return an authentication success message, effectively sidestepping protection mechanisms and allowing unauthorized access to internal resources.

The attack relies on setting the “requirePasswordChange” parameter to “Y” (yes) in the URL. With this parameter set, authentication is bypassed irrespective of the values provided in the username and password fields.
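A log check for the request pattern described above, as an added example (not code from SonicWall or the OFBiz project): it flags access-log entries whose URL sets requirePasswordChange=Y and records whether USERNAME and PASSWORD are empty or absent. The log format, IP addresses and paths are constructed assumptions; only the parameter names come from the text above.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (common log format); IPs and paths are placeholders.
SAMPLE_LOG = """\
198.51.100.7 - - [27/Dec/2023:10:01:02 +0000] "GET /app/control/main?USERNAME=&PASSWORD=&requirePasswordChange=Y HTTP/1.1" 200 512
198.51.100.7 - - [27/Dec/2023:10:01:05 +0000] "GET /app/control/main?USERNAME=x&PASSWORD=&requirePasswordChange=%59 HTTP/1.1" 200 498
203.0.113.9 - - [27/Dec/2023:10:02:11 +0000] "GET /app/control/main HTTP/1.1" 200 2048
203.0.113.9 - - [27/Dec/2023:10:03:40 +0000] "GET /app/control/main?requirePasswordChange=N HTTP/1.1" 200 2048
192.0.2.44 - - [27/Dec/2023:10:04:00 +0000] "GET /app/control/main?requirePasswordChange=Y HTTP/1.1" 200 300
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def scan(log_text):
    """Return one finding per request whose URL sets requirePasswordChange=Y."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        # parse_qs percent-decodes values; keep_blank_values keeps "USERNAME=".
        raw = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        # Parameter names are compared case-insensitively as a conservative choice.
        params = {name.lower(): values for name, values in raw.items()}
        if not any(v.upper() == "Y" for v in params.get("requirepasswordchange", [])):
            continue
        blank = [n for n in ("username", "password") if not any(params.get(n, []))]
        findings.append({
            "ip": m["ip"], "time": m["ts"], "status": int(m["status"]),
            "blank_credentials": blank,  # empty or absent in the URL
        })
    return findings

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f)
```

Request bodies do not appear in access logs, so this check only covers parameters sent in the URL.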

The vulnerability, described as a Server-Side Request Forgery (SSRF), enables attackers to bypass authentication. Users should promptly update to Apache OFBiz version 18.12.11 or later to mitigate the threat.
