LetsDefend Monitoring Alert
Apache OFBiz Auth Bypass and Code Injection 0-Day (CVE-2023-51467)
Jan, 10, 2024, 01:12 AM
Event ID: 217
Event Time: Jan, 10, 2024, 01:12 AM
Rule Name: SOC254 - Apache OFBiz Auth Bypass and Code Injection 0-Day (CVE-2023-51467)
Alert Type: Web Attack
MITRE Technique:
T1059.004 - Execution - Unix Shell
T1190 - Initial Access - Exploit Public-Facing Application
T1136 - Persistence - Create Account
T1068 - Privilege Escalation - Exploitation for Privilege Escalation
T1562 - Defense Evasion - Impair Defenses
T1609 - Execution - Container Administration Command
Real World Example: SonicWall researchers observed widespread exploitation attempts targeting CVE-2023-51467, identified as a zero-day vulnerability, on December 26, 2023.
Severity: High
Incident Responder