Openfire

Openfire Console Identity Authentication Bypass Vulnerability (CVS 2023-32315) Notification

June 16, 2023

Overview Recently, NSFOCUS CERT detected an identity authentication bypass vulnerability in the Openfire console (CVE-2023-32315). The Admin Console of Openfire is a web-based application that has been found to be vulnerable to path traversal attacks by setting up the environment. Unauthenticated attackers use the unauthenticated Openfire setting environment in a configured Openfire environment to access […]

Search

Subscribe to the NSFOCUS Blog