Vulnerability Description
IDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 17.12.04
CVSS Score
5.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Ofbiz | < 17.12.04 |
Related Weaknesses (CWE)
References
- https://lists.apache.org/thread.html/r0a0a701610b3bcdf14634047313adab3f1628bb9aa
- https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c1
- https://lists.apache.org/thread.html/r2e669797c1ea08562253239d2dc4192d951945e0c3
- https://lists.apache.org/thread.html/rac7e36c3daa60dd4b813f72942921b4fad71da8214
- https://s.apache.org/choklMailing ListVendor Advisory
- https://lists.apache.org/thread.html/r0a0a701610b3bcdf14634047313adab3f1628bb9aa
- https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c1
- https://lists.apache.org/thread.html/r2e669797c1ea08562253239d2dc4192d951945e0c3
- https://lists.apache.org/thread.html/rac7e36c3daa60dd4b813f72942921b4fad71da8214
- https://s.apache.org/choklMailing ListVendor Advisory
FAQ
What is CVE-2020-13923?
CVE-2020-13923 is a vulnerability with a CVSS score of 5.3 (MEDIUM). IDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 17.12.04
How severe is CVE-2020-13923?
CVE-2020-13923 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-13923?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Ofbiz.