CVE-2022-47501

Name of the Vulnerable Software and Affected Versions Apache OFBiz versions prior to 18.12.07

Description The issue is an arbitrary file reading vulnerability in Apache OFBiz when using the Solr plugin. This is a pre-authentication attack, meaning it can be exploited without needing to authenticate first.

Recommendations For versions prior to 18.12.07, update to version 18.12.07 or later to resolve the issue. As a temporary workaround, consider disabling the Solr plugin until a patch is available. Restrict access to sensitive files and directories to minimize the risk of exploitation.