CVE-2024-45195 - Apache OFBiz Forced Browsing Vulnerability

Vulnerability Name

Apache OFBiz Forced Browsing Vulnerability

Description

Apache OFBiz contains a forced browsing vulnerability that allows a remote attacker to obtain unauthorized access.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://ofbiz.apache.org/security.html

https://nvd.nist.gov/vuln/detail/CVE-2024-45195

Related News Articles

CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacksFebruary 6, 2025

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25February 5, 2025