DIVD-2023-00027 - Ignite Realtime Openfire auth bypass - CVE-2023-32315
| Our reference | DIVD-2023-00027 |
| Case lead | Hans Meuris |
| Researcher(s) |
|
| CVE(s) | |
| Product | Ignite Realtime Openfire |
| Versions |
|
| Recommendation | Update your system to the latest version |
| Workaround | See vendor writeup: https://github.com/igniterealtime/Openfire/security/advisories/GHSA-gw42-f939-fhvmA |
| Status | Open |
| Last modified | 12 Jul 2023 21:47 |
Summary
On the may 23th Ignite Realtime released a patch for CVE-2023-32315, which is an authentication bypass through a path traversal vulnerability in Ingnite realtime Openfire software. DIVD will scan and notify systems that haven’t installed the patch and are vulnerable for this CVE.
What you can do
- Update your system to the latest version
- Follow the direction of the vendor addressing this issue at Openfire security advisory GHSA-gw42-f939
What we are doing
- DIVD is currently identifying all the vulnerable Ignite Reality Openfire servers.
Timeline
| Date | Description |
|---|---|
| 23 Jun 2023 | Started research |
| 09 Jul 2023 | publishing casefile |
| 09 Jul 2023 | fingerprint |
| 09 Jul 2023 | mailrun |
gantt
title DIVD-2023-00027 - Ignite Realtime Openfire auth bypass - CVE-2023-32315
dateFormat YYYY-MM-DD
axisFormat %e %b %Y
section Case
DIVD-2023-00027 - Ignite Realtime Openfire auth bypass - CVE-2023-32315 (still open) :2023-06-23, 2024-05-13
section Events
Started research : milestone, 2023-06-23, 0d
publishing casefile : milestone, 2023-07-09, 0d
fingerprint : milestone, 2023-07-09, 0d
mailrun : milestone, 2023-07-09, 0d