CVE-2021-29200

CVE-2021-29200: RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI

Vendor Apache Software Foundation
Product Apache OFBiz
Published April 27, 2021
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

Description

Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack

Key dates

Disclosure timeline

April 27, 2021 CVE published
August 3, 2024 Record updated