CVE-2016-4462

EUVD-2016-5451
By manipulating the URL parameter externalLoginKey, a malicious, logged-in user could pass valid Freemarker directives to the template engine, which are reflected on the web page; a specially crafted Freemarker template could be used for remote code execution. The CVSS vector below (PR:L, UI:N) reflects that the attacker needs an authenticated account but no victim interaction.

Mitigation: Upgrade to Apache OFBiz 16.11.01.
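To make the failure mode concrete, the following Java snippet is an added illustration and is not OFBiz or Freemarker project code; the page does not show the vulnerable OFBiz template, so the link markup, the parameter placement and the `${3*7}` probe are assumptions constructed for this example. It contrasts the pattern the advisory describes (a request parameter spliced into the template source, so the parser evaluates whatever directives it contains) with the fixed pattern (template source is constant, the parameter is only a value in the data model and is escaped on output). The `ALLOWS_NOTHING_RESOLVER` setting is an extra defense-in-depth control against the `?new` built-in that is not mentioned on the page.

```java
import freemarker.template.Configuration;
import freemarker.template.Template;
import freemarker.template.TemplateClassResolver;
import freemarker.template.TemplateException;

import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.util.HashMap;
import java.util.Map;

public class ExternalLoginKeyReflection {

    // Constructed probe (assumption, not from the advisory): a harmless
    // interpolation. If the response contains "21", the parameter reached the
    // Freemarker parser rather than being treated as plain text.
    static final String PROBE = "${3*7}";

    static Configuration baseConfig() {
        return new Configuration(Configuration.VERSION_2_3_23);
    }

    // VULNERABLE pattern: the request parameter becomes part of the template
    // source, so any Freemarker directive inside it is parsed and executed.
    static String renderUnsafe(String externalLoginKey) throws IOException, TemplateException {
        String source = "<a href=\"/control/main?externalLoginKey="
                + externalLoginKey + "\">continue</a>";
        Template t = new Template("unsafe", new StringReader(source), baseConfig());
        StringWriter out = new StringWriter();
        t.process(new HashMap<String, Object>(), out);
        return out.toString();
    }

    // SAFE pattern: the template source is fixed at build time; the parameter
    // is only a data-model value and is HTML-escaped when interpolated.
    static String renderSafe(String externalLoginKey) throws IOException, TemplateException {
        Configuration cfg = baseConfig();
        // Defense in depth (added here, not part of the advisory): refuse
        // instantiation of arbitrary classes via the ?new built-in.
        cfg.setNewBuiltinClassResolver(TemplateClassResolver.ALLOWS_NOTHING_RESOLVER);
        String source = "<a href=\"/control/main?externalLoginKey=${key?html}\">continue</a>";
        Template t = new Template("safe", new StringReader(source), cfg);
        Map<String, Object> model = new HashMap<>();
        model.put("key", externalLoginKey);
        StringWriter out = new StringWriter();
        t.process(model, out);
        return out.toString();
    }

    public static void main(String[] args) throws Exception {
        // Unsafe: the probe is evaluated and "21" appears in the link.
        System.out.println(renderUnsafe(PROBE));
        // Safe: the literal text "${3*7}" appears; nothing was evaluated.
        System.out.println(renderSafe(PROBE));
    }
}
```

The same probe is what a tester would send in `externalLoginKey` against a pre-16.11.01 instance to confirm the reflection without attempting code execution: an arithmetic result in the response shows the engine parsed the input; the literal string shows it did not.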
CVSS 3.x Base Score

Provider | Type    | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST     | Primary | 8.8 HIGH   | NETWORK     | LOW             | LOW            | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS percentile: 77%
Affected Products (NVD)

All listed versions are vulnerable.

Vendor | Product | Versions
apache | ofbiz   | 11.04, 11.04.01, 11.04.02, 11.04.03, 11.04.04, 11.04.05, 11.04.06
apache | ofbiz   | 12.04, 12.04.01, 12.04.02, 12.04.03, 12.04.04, 12.04.05, 12.04.06
apache | ofbiz   | 13.07, 13.07.01, 13.07.02, 13.07.03