[
https://issues.apache.org/jira/browse/OFBIZ-12646?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17599924#comment-17599924
]
Jacques Le Roux commented on OFBIZ-12646:
-----------------------------------------
Commit 061252a80e080e98ed677743ba06c5b32f967c63 in ofbiz-plugins's branch
refs/heads/release18.12 from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=061252a80 ]
Fixed: Java Deserialization vulnerability in Apache OfBiz (CVE-2022-29063)
(OFBIZ-12646)
Thanks: Matei "Mal" Badanoiu for report and confirmation it's OK
> Java Deserialization vulnerability in Apache OfBiz (CVE-2022-29063)
> -------------------------------------------------------------------
>
> Key: OFBIZ-12646
> URL: https://issues.apache.org/jira/browse/OFBIZ-12646
> Project: OFBiz
> Issue Type: Bug
> Components: solr
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Major
>
> The following vulnerability has been found by Matei "Mal" Badanoiu. It's a
> Java Deserialization via RMI Connection.
> The OfBiz Solr plugin is configured by default to automatically make a RMI
> request on localhost, port 1099.
> By hosting a malicious RMI server on localhost, an attacker may exploit this
> behavior, at server start-up or on a server restart, in order to run
> arbitrary code as the user that started OfBiz and potentially elevate his/her
> privileges.
> We (security team) want to Note that this exploit can only be done on a
> shared server. That's why it's of low severity.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
