Unauth Path Traversal with file corruption affecting the Birt plugin of Apache OFBiz
CVE-2022-25371

9.8CRITICAL

Key Information:

Vendor: Apache
Status: Apache Ofbiz
Vendor: CVE Published:; 2 September 2022

Summary

Apache OFBiz uses the Birt project plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. By leveraging a bug in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142) it is possible to perform a remote code execution (RCE) attack in Apache OFBiz, release 18.12.05 and earlier.

Affected Version(s)

Apache OFBiz Apache OFBiz <= 18.12.05

References

https://lists.apache.org/thread/bvp3sczqq863lxr1wh7wjvdtj...

x_refsource_MISC

http://www.openwall.com/lists/oss-security/2022/09/02/7

mailing-listx_refsource_MLIST

http://www.openwall.com/lists/oss-security/2022/09/03/1

mailing-listx_refsource_MLIST

EPSS Score

2% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 2, 2022
Vulnerability Reserved
Feb 20, 2022

Collectors

NVD DatabaseMitre Database

Credit

Nikita Podotykin from Positive Technologies <[email protected]>

Positive Technologies zeroday <[email protected]>