Skip to content
/ CVE-2022-29063 Public

CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mbadanoiu/CVE-2022-29063

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
Apache OfBiz - CVE-2022-29063.pdf
Apache OfBiz - CVE-2022-29063.pdf
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz

The OfBiz Solr plugin is configured by default to automatically make a RMI request on localhost, port 1099. By hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run arbitrary code as the user that started OfBiz and potentially elevate his/her privileges.

Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found here.

Requirements:

This vulnerability requires:

  • Run a malicious RMI server on localhost:1099
  • Wait for Apache OfBiz application to start/restart

Proof Of Concept:

More details and the exploitation process can be found in this PDF.

About

CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz

Topics

deserialization cve local-privilege-escalation cves 0-day cve-2022-29063

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository