CVE-2012-3506 — Apache Ofbiz vulnerability

10 documents6 sources

Severity

10.0CRITICALNVD

EPSS

0.8%

top 26.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Ofbiz

Timeline

PublishedOct 25

Latest updateMay 14

Description

Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDapache/ofbiz10.04.01, 10.04.02+1

Patches

Patch: ofbiz.apache.org ↗Patch: ofbiz.apache.org ↗

🔴Vulnerability Details

GHSA

GHSA-c9qh-45f6-r2vv: Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10↗2022-05-14

▶

CVEList

CVE-2012-3506: Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10↗2012-10-25

▶

📋Vendor Advisories

Red Hat

OpenSSO: Unspecified vulnerability allows remote attackers to affect integrity via unknown vectors↗2012-01-18

▶

Red Hat

OpenSSO: unspecified vulnerability in the authentication component↗2011-10-18

▶

Red Hat

OpenSSO: unspecified vulnerability in the authentication component↗2011-10-18

▶

Apache

Apache ofbiz: CVE-2012-3506↗

▶

💬Community

Bugzilla

CVE-2012-0079 OpenSSO: Unspecified vulnerability allows remote attackers to affect integrity via unknown vectors↗2012-01-23

▶

Bugzilla

CVE-2011-3517 Oracle OpenSSO: unspecified vulnerability in the authentication component↗2011-10-26

▶

Bugzilla

CVE-2011-3506 Oracle OpenSSO: unspecified vulnerability in the authentication component↗2011-10-26

▶