PT-2023-4482 · Openfire
Siebene · Published 2023-05-23 · Updated 2026-03-11 · CVE-2023-32315
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Openfire versions 3.10.0 through 4.6.7; Openfire versions 4.7.0 through 4.7.4
Description: The vulnerability is a path traversal flaw in the administrative console of Openfire that allows an unauthenticated user to access restricted pages. It affects all versions of Openfire released since April 2015. The number of potentially affected systems worldwide is significant, with over 3,000 Openfire servers reportedly at risk. The issue has been exploited in real-world incidents, including to deploy Kinsing malware and cryptominers. Exploitation consists of using path traversal to reach restricted pages of the Openfire Admin Console.
Recommendations: For Openfire versions 3.10.0 through 4.6.7, upgrade to version 4.6.8 or later. For Openfire versions 4.7.0 through 4.7.4, upgrade to version 4.7.5 or later. As a temporary workaround, restrict access to the setup environment to reduce the risk of exploitation.
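As an added illustration, not code from Openfire or from this advisory, the Python model below shows the defensive point behind this class of bug: an authorization filter that compares an allowlist of unauthenticated pages against the request path as received can be bypassed by traversal, while the same check applied to a decoded and normalized path is not. The "/setup/" prefix, the function names and the request paths are assumptions.

```python
from urllib.parse import unquote
import posixpath

# Hypothetical allowlist (assumption): pages under the setup area are reachable
# without a session because first-run setup happens before an admin exists.
UNAUTHENTICATED_PREFIXES = ("/setup/",)


def flawed_is_allowed(raw_path: str, authenticated: bool) -> bool:
    """Allowlist check on the raw request path.

    A prefix match passes, so a path that begins with an allowed prefix but
    resolves elsewhere after '..' handling is still treated as a setup page.
    """
    if authenticated:
        return True
    return raw_path.startswith(UNAUTHENTICATED_PREFIXES)


def canonicalize(raw_path: str) -> str:
    """Percent-decode until stable (collapses double encoding), drop the query
    string, unify separators and resolve '.' / '..' segments, so the check sees
    the same path the servlet container will actually serve."""
    decoded = raw_path
    for _ in range(3):  # bounded loop; stop once decoding changes nothing
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    decoded = decoded.split("?", 1)[0].replace("\\", "/")
    norm = posixpath.normpath("/" + decoded.lstrip("/"))
    # normpath strips a trailing slash; restore it so prefix matching stays exact
    if decoded.endswith("/") and norm != "/":
        norm += "/"
    return norm


def hardened_is_allowed(raw_path: str, authenticated: bool) -> bool:
    """Same allowlist, applied to the canonical path instead of the raw one."""
    if authenticated:
        return True
    return canonicalize(raw_path).startswith(UNAUTHENTICATED_PREFIXES)
```

The hardened variant makes the authorization decision on the same canonical form the server uses to locate the resource, which is the property the temporary workaround above (restricting access to the setup environment) also relies on.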

Exploit

Fix

Weakness Enumeration: Path traversal

Related Identifiers

BDU:2023-04877
BIT-OPENFIRE-2023-32315
CVE-2023-32315
GHSA-GW42-F939-FHVM

Affected Products

Openfire
Red Os