Imperva Shields Systems from Critical Apache OFBiz Vulnerability (CVE-2024-45195)

Original Post: Imperva Protects Against Critical Apache OFBiz Vulnerability (CVE-2024-45195)

A critical vulnerability in the Apache OFBiz framework, designated CVE-2024-45195, has been disclosed that allows unauthenticated remote code execution (RCE). The vulnerability is severe because missing view authorization checks let attackers without credentials execute arbitrary code on the server. Since its disclosure, over 25,000 exploitation attempts have targeted 4,000 unique sites, mostly in the financial services and business sectors. Imperva’s proactive defense measures have protected its customers from these attempts: Imperva Cloud Web Application Firewall (CWAF) and On-Prem customers are safeguarded out-of-the-box against this and previous OFBiz vulnerabilities such as CVE-2023-51467. Organizations using OFBiz are urged to keep their security solutions updated and to monitor for suspicious activity. Imperva also offers a 30-day free trial to protect businesses.
