LetsDefend Monitoring Alert

Apache OFBiz Auth Bypass and Code Injection 0-Day (CVE-2023-51467)

Jan, 10, 2024, 01:12 AM

Event ID: 217

Event Time: Jan, 10, 2024, 01:12 AM

Rule Name: SOC254 - Apache OFBiz Auth Bypass and Code Injection 0-Day (CVE-2023-51467)

Alert Type: Web Attack

MITRE Technique:
T1059.004 - Execution - Unix Shell,
T1190 - Initial Access - Exploit Public-Facing Application,
T1136 - Persistence - Create Account,
T1068 - Privilege Escalation - Exploitation for Privilege Escalation,
T1562 - Defense Evasion - Impair Defenses,
T1609 - Execution - Container Administration Command

Real World Example: SonicWall researchers observed widespread exploitation attempts targeting CVE-2023-51467, identified as a zero-day vulnerability, on December 26, 2023.

Severity: High

Incident Responder
