Igniterealtime Openfire vulnerabilities
39 known vulnerabilities affecting igniterealtime/openfire.
Total CVEs
39
CISA KEV
1
actively exploited
Public exploits
13
Exploited in wild
4
Severity breakdown
CRITICAL3HIGH6MEDIUM30
Vulnerabilities
Page 1 of 2
CVE-2023-32315P1HIGHCVSS 7.5KEVPoCRansomware≥ 3.10.0, < 4.6.8≥ 4.7.0, < 4.7.5+2 more2023-05-26
CVE-2023-32315 [HIGH] CWE-22 CVE-2023-32315: Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative
Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup Environment in an already configured Openfire environment t
nvd
CVE-2021-45967P1CRITICALCVSS 9.8ExploitedPoCfixed in 4.5.0v4.5.02022-03-18
CVE-2021-45967 [CRITICAL] CWE-22 CVE-2021-45967: An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NG
An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NGINX and a backend Tomcat server leads to a path traversal in the Tomcat server, exposing unintended endpoints.
nvd
CVE-2019-18394P1CRITICALCVSS 9.8ExploitedPoC≤ 4.4.22019-10-24
CVE-2019-18394 [CRITICAL] CWE-918 CVE-2019-18394: A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfir
A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests.
nvd
CVE-2019-18393P2MEDIUMCVSS 5.3ExploitedPoC≤ 4.4.22019-10-24
CVE-2019-18393 [MEDIUM] CWE-22 CVE-2019-18393: PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files ar
PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability.
nvd
CVE-2008-6508P2HIGHCVSS 7.5PoC≤ 3.6.0av2.6.0+23 more2009-03-23
CVE-2008-6508 [HIGH] CWE-22 CVE-2008-6508: Directory traversal vulnerability in the AuthCheck filter in the Admin Console in Openfire 3.6.0a an
Directory traversal vulnerability in the AuthCheck filter in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to bypass authentication and access the admin interface via a .. (dot dot) in a URI that matches the Exclude-Strings list, as demonstrated by a /setup/setup-/.. sequence in a URI.
nvd
CVE-2015-6973P3MEDIUMCVSS 6.8PoCv3.10.22015-09-16
CVE-2015-6973 [MEDIUM] CWE-352 CVE-2015-6973: Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2) add users via a crafted request to user-create.jsp, (3) edit server settings or (4) disable SSL on the
nvd
CVE-2008-6509P3HIGHCVSS 7.5PoC≤ 3.6.0av2.6.0+23 more2009-03-23
CVE-2008-6509 [HIGH] CWE-89 CVE-2008-6509: SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote
SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp.
nvd
CVE-2015-7707P3MEDIUMCVSS 6.5PoCv3.10.22015-10-05
CVE-2015-7707 [MEDIUM] CWE-264 CVE-2015-7707: Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via t
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp.
nvd
CVE-2024-25421P2CRITICALCVSS 9.8≤ 4.9.02024-03-26
CVE-2024-25421 [CRITICAL] CWE-250 CVE-2024-25421: An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privile
An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privileges via the ROOM_CACHE component.
nvd
CVE-2009-0497P3MEDIUMCVSS 5.0PoCv3.6.22009-02-10
CVE-2009-0497 [MEDIUM] CWE-22 CVE-2009-0497: Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attacke
Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the log parameter.
nvd
CVE-2015-6972P4MEDIUMCVSS 4.3PoCv3.10.22015-09-16
CVE-2015-6972 [MEDIUM] CWE-79 CVE-2015-6972: Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote
Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to inject arbitrary web script or HTML via the (1) groupchatName parameter to plugins/clientcontrol/create-bookmark.jsp; the (2) urlName parameter to plugins/clientcontrol/create-bookmark.jsp; the (3) hostname parameter to server-session-details
nvd
CVE-2024-25420P3HIGHCVSS 7.2≤ 4.9.02024-03-26
CVE-2024-25420 [HIGH] CWE-273 CVE-2024-25420: An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges vi
An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component.
nvd
CVE-2009-1595P4MEDIUMCVSS 4.0PoC≤ 3.6.3v2.6.0+27 more2009-05-11
CVE-2009-1595 [MEDIUM] CWE-287 CVE-2009-1595: The jabber:iq:auth implementation in IQAuthHandler.java in Ignite Realtime Openfire before 3.6.4 all
The jabber:iq:auth implementation in IQAuthHandler.java in Ignite Realtime Openfire before 3.6.4 allows remote authenticated users to change the passwords of arbitrary accounts via a modified username element in a passwd_change action.
nvd
CVE-2008-6511P4MEDIUMCVSS 5.8PoC≤ 3.6.0av2.6.0+23 more2009-03-23
CVE-2008-6511 [MEDIUM] CWE-20 CVE-2008-6511: Open redirect vulnerability in login.jsp in Openfire 3.6.0a and earlier allows remote attackers to r
Open redirect vulnerability in login.jsp in Openfire 3.6.0a and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.
nvd
CVE-2014-3451P3HIGHCVSS 7.5≤ 3.9.32017-08-18
CVE-2014-3451 [HIGH] CWE-295 CVE-2014-3451: OpenFire XMPP Server before 3.10 accepts self-signed certificates, which allows remote attackers to
OpenFire XMPP Server before 3.10 accepts self-signed certificates, which allows remote attackers to perform unspecified spoofing attacks.
nvd
CVE-2008-6510P4MEDIUMCVSS 4.3PoC≤ 3.6.0av2.6.0+23 more2009-03-23
CVE-2008-6510 [MEDIUM] CWE-79 CVE-2008-6510: Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and ea
Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to inject arbitrary web script or HTML via the url parameter.
nvd
CVE-2014-2741P3HIGHCVSS 7.8≤ 3.9.12014-04-11
CVE-2014-2741 [HIGH] CWE-264 CVE-2014-2741: nio/XMLLightweightParser.java in Ignite Realtime Openfire before 3.9.2 does not properly restrict th
nio/XMLLightweightParser.java in Ignite Realtime Openfire before 3.9.2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
nvd
CVE-2025-59154P3MEDIUMCVSS 5.9fixed in 5.0.22025-09-15
CVE-2025-59154 [MEDIUM] CWE-290 CVE-2025-59154: Openfire is an XMPP server licensed under the Open Source Apache License. Openfire’s SASL EXTERNAL m
Openfire is an XMPP server licensed under the Open Source Apache License. Openfire’s SASL EXTERNAL mechanism for client TLS authentication contains a vulnerability in how it extracts user identities from X.509 certificates. Instead of parsing the structured ASN.1 data, the code calls X509Certificate.getSubjectDN().getName() and applies a regex to lo
nvd
CVE-2009-1596P4MEDIUMCVSS 6.5fixed in 3.6.52009-05-11
CVE-2009-1596 [MEDIUM] CWE-287 CVE-2009-1596: Ignite Realtime Openfire before 3.6.5 does not properly implement the register.password (aka canChan
Ignite Realtime Openfire before 3.6.5 does not properly implement the register.password (aka canChangePassword) console configuration setting, which allows remote authenticated users to bypass intended policy and change their own passwords via a passwd_change IQ packet.
nvd
CVE-2020-36956P4MEDIUMCVSS 6.4≤ 4.6.02026-01-26
CVE-2020-36956 [MEDIUM] CWE-79 CVE-2020-36956: Openfire 4.6.0 contains a stored cross-site scripting vulnerability in the nodejs plugin that allows
Openfire 4.6.0 contains a stored cross-site scripting vulnerability in the nodejs plugin that allows attackers to inject malicious scripts through the 'path' parameter. Attackers can craft a payload with script tags to execute arbitrary JavaScript in the context of administrative users viewing the nodejs configuration page.
nvd
1 / 2Next →