CVE-2020-13923

5.3MEDIUM

Key Information:

Vendor: Apache
Status: Apache Ofbiz
Vendor: CVE Published:; 15 July 2020

Summary

IDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 17.12.04

Affected Version(s)

Apache OFBiz Apache OFBiz 17.12.03 and earlier versions

References

https://s.apache.org/chokl

x_refsource_MISC

https://lists.apache.org/thread.html/r2e669797c1ea0856225...

mailing-listx_refsource_MLIST

https://lists.apache.org/thread.html/rac7e36c3daa60dd4b81...

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 8, 2020

Collectors

NVD DatabaseMitre Database

.