CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
28 August 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability, known as CVE-2024-38856, carries a CVSS score of 9.8, indicating critical severity.