Skip to content
/ CVE-2022-29063 Public

CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mbadanoiu/CVE-2022-29063

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
Apache OfBiz - CVE-2022-29063.pdf
Apache OfBiz - CVE-2022-29063.pdf
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz

The OfBiz Solr plugin is configured by default to automatically make a RMI request on localhost, port 1099. By hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run arbitrary code as the user that started OfBiz and potentially elevate his/her privileges.

Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found here.

Requirements:

This vulnerability requires:

  • Run a malicious RMI server on localhost:1099
  • Wait for Apache OfBiz application to start/restart

Proof Of Concept:

More details and the exploitation process can be found in this PDF.

About

CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz

Topics

deserialization cve local-privilege-escalation cves 0-day cve-2022-29063

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy