Description
Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecified vectors.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://ofbiz.apache.org/download.html#security
Various Sources mailing-list
x_refsource_mlist
http://mail-archives.apache.org/mod_mbox/ofbiz-user/201204.mbox/%3C4F378887-E697-44E7-976C-48B9B7475C4D%40apache.org%3E
Scores
CVSS v3
9.8
EPSS
0.0500
EPSS Percentile
91.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
apache/ofbiz
10.04
Published
Oct 26, 2017
Tracked Since
Feb 18, 2026