{"id":1268587,"date":"2024-08-06T02:35:03","date_gmt":"2024-08-06T04:35:03","guid":{"rendered":"https:\/\/teknomers.com\/fr\/une-nouvelle-faille-zero-day-dans-apache-ofbiz-erp-permet-lexecution-de-code-a-distance\/"},"modified":"2024-08-06T02:35:07","modified_gmt":"2024-08-06T04:35:07","slug":"une-nouvelle-faille-zero-day-dans-apache-ofbiz-erp-permet-lexecution-de-code-a-distance","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/une-nouvelle-faille-zero-day-dans-apache-ofbiz-erp-permet-lexecution-de-code-a-distance\/","title":{"rendered":"New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution"},"content":{"rendered":"<div>\n<p><span class=\"p-author\"><span class=\"author\">06 August 2024<\/span> <span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">Enterprise Security \/ Vulnerability<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<p>A new pre-authentication zero-day remote code execution vulnerability has been disclosed in the open-source Apache OFBiz enterprise resource planning (ERP) system that could allow threat actors to execute code remotely on affected instances.<\/p>\n<p>Tracked as <strong><a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38856\" target=\"_blank\">CVE-2024-38856<\/a><\/strong>, the flaw has a CVSS score of 9.8 out of a maximum of 10.0. 
It affects versions of Apache OFBiz prior to 18.12.15.<\/p>\n<p>&#8220;The root cause of the vulnerability lies in a flaw in the authentication mechanism,&#8221; SonicWall, which discovered and reported the flaw, said in a statement.<\/p>\n<p>&#8220;This flaw allows an unauthenticated user to access functionality that typically requires the user to be logged in, paving the way for remote code execution.&#8221;<\/p>\n<p>CVE-2024-38856 is also a patch bypass for <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-36104\" target=\"_blank\">CVE-2024-36104<\/a>, a path traversal vulnerability that was fixed in early June with the release of version 18.12.14.<\/p>\n<p>SonicWall described the flaw as residing in the override view functionality, which exposes critical endpoints to unauthenticated threat actors who could exploit it to achieve remote code execution via specially crafted requests.<\/p>\n<p>&#8220;Unauthenticated access was allowed to the ProgramExport endpoint by chaining it with other endpoints that do not require authentication by abusing the override view functionality,&#8221; security researcher Hasib Vhora <a rel=\"nofollow noopener\" href=\"https:\/\/blog.sonicwall.com\/en-us\/2024\/08\/sonicwall-discovers-second-critical-apache-ofbiz-zero-day-vulnerability\/\" target=\"_blank\">said<\/a>.<\/p>\n<p>The development comes as another critical path traversal vulnerability in OFBiz that could lead to remote code execution (<a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-32113\" target=\"_blank\">CVE-2024-32113<\/a>) has since been actively exploited to deploy the Mirai botnet. It was patched in May 2024.<\/p>\n<p>In December 2023, SonicWall also disclosed a zero-day flaw in the same software (CVE-2023-51467) that allowed authentication protections to be bypassed. It was subsequently the target of numerous exploitation attempts.<\/p>\n<\/div>\n<p><a href=\"https:\/\/thehackernews.com\/2024\/08\/new-zero-day-flaw-in-apache-ofbiz-erp.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>06 August 2024 Ravie Lakshmanan Enterprise Security \/ Vulnerability A new pre-authentication zero-day remote code execution vulnerability has been disclosed in the open-source Apache OFBiz enterprise resource planning (ERP) system that could allow threat actors to execute code remotely on affected instances. 
Tracked as CVE-2024-38856, the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1268588,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[238714,200292,238582,240744,238778,43333,5597,4168,4165,429,2526,74589,9048,238584,40144,200271,238334,98340,197,221841,9701,238617,4172,4169,196,4166,238583,35759],"class_list":["post-1268587","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-actualites-des-hackers","tag-actualites-sur-la-cybersecurite","tag-actualites-sur-la-cybersecurite-aujourdhui","tag-actualites-sur-le-cyberespace","tag-actualites-sur-le-piratage-informatique","tag-apache","tag-code","tag-comment-pirater","tag-cyber-attaques","tag-dans","tag-distance","tag-erp","tag-faille","tag-les-nouvelles-des-hackers","tag-lexecution","tag-logiciel-malveillant-rancongiciel","tag-mises-a-jour-cybernetiques","tag-mises-a-jour-de-cybersecurite","tag-nouvelle","tag-ofbiz","tag-permet","tag-securite-de-linformation","tag-securite-informatique","tag-securite-internet","tag-une","tag-violation-de-donnees","tag-vulnerabilite-du-logiciel","tag-zeroday"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1268587","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=1268587"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1268587\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/1268588"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=1268587"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=1268587"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=1268587"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}