QwikSec

Security Database

CVE

CWE

Training

CVE-2021-37608

Published: Aug 18, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands. This issue affects Apache OFBiz version 17.12.07 and prior versions. Upgrade to at least 17.12.08 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12297.

Vendor	Product	Versions
Apache Software Foundation	Apache OFBiz	affected `unspecified - <= 17.12.07`

Weaknesses (CWE)

References

https://ofbiz.apache.org/security.html

x_refsource_MISC

[ofbiz-notifications] 20210827 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20210827 [jira] [Created] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20210902 [jira] [Assigned] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

[ofbiz-commits] 20210903 [ofbiz-framework] branch release18.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)

mailing-list

x_refsource_MLIST

[ofbiz-commits] 20210903 [ofbiz-framework] branch release17.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)

mailing-list

x_refsource_MLIST

[ofbiz-commits] 20210903 [ofbiz-framework] branch trunk updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20210903 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20210903 [jira] [Closed] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20210904 [jira] [Comment Edited] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20210904 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

[ofbiz-commits] 20210917 [ofbiz-framework] branch release18.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)

mailing-list

x_refsource_MLIST

[ofbiz-commits] 20210917 [ofbiz-framework] branch release17.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20210917 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

[ofbiz-commits] 20210917 [ofbiz-framework] branch trunk updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307)

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20211014 [jira] [Comment Edited] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20211014 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20211015 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.