Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack
Fixes

Solution

No solution given by the vendor.


Workaround

Upgrade to at least 17.12.07 or apply one of the patches at https://issues.apache.org/jira/browse/OFBIZ-12216

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2024-08-03T22:02:50.505Z

Reserved: 2021-03-25T00:00:00

Link: CVE-2021-29200

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-04-27T20:15:08.827

Modified: 2024-11-21T06:00:48.660

Link: CVE-2021-29200

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.