VulnCheck, a vulnerability intelligence firm, reports that more than 3,000 Openfire servers have not been patched against a recent vulnerability, leaving them vulnerable to attacks utilizing a newly discovered exploit.
Openfire is a cross-platform real-time collaboration server written in Java that uses the XMPP protocol and supports administration via a web interface. It is maintained by Ignite Realtime.
The high-severity flaw, identified as CVE-2023-32315, was found in the Openfire administration console and is described as a path traversal bug that can be exploited through the setup environment to give unauthenticated attackers access to restricted pages in the admin console.
Read More: 3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.