CVE-2024-32113

May 8, 2024, 5:05 p.m.

None
No Score

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.This issue affects Apache OFBiz: before 18.12.13. Users are recommended to upgrade to version 18.12.13, which fixes the issue.

Product(s) Impacted

Product Versions
Apache OFBiz
  • ['before 18.12.13']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://issues.apache.org/jira/browse/OFBIZ-13006
https://lists.apache.org/thread/w6s60okgkxp2th1sr8vx0ndmgk68fqrd
https://ofbiz.apache.org/download.html
https://ofbiz.apache.org/security.html

Tags

security@apache.org
CWE-22
2024-05-08
CVE-2024-32113

Timeline

Published: May 8, 2024, 3:15 p.m.
Last Modified: May 8, 2024, 5:05 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@apache.org

Relations

Here is the list of observables linked to the vulnerability CVE-2024-32113 using threat intelligence.

Linked Attack Reports

Increased Activity Against Apache OFBiz CVE-2024-32113

Recently, there has been a surge in malicious activity targeting a critical vulnerability (CVE-2024-32113) in the Apache OFBiz framework, a Java-based platform for developing Enterprise Resource Planning (ERP) applications. This vulnerability, a path traversal issue that can lead to remote code exe…
vulnerability
CVE-2024-32113
apache
erp
2024-08-01
remote code execution
ofbiz
Published: August 1, 2024
Linked vulnerabilities : CVE-2024-32113
Downloadable IOCs: 5

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.