Skip to content

Ignite Realtime Openfire privilege escalation vulnerability

High severity GitHub Reviewed Published Mar 26, 2024 to the GitHub Advisory Database • Updated Mar 27, 2024

Package

maven org.igniterealtime.openfire:xmppserver (Maven)

Affected versions

< 4.8.1

Patched versions

4.8.1

Description

An issue in Ignite Realtime Openfire v.4.8.0 and before allows a remote attacker to escalate privileges via the ROOM_CACHE component.

References

Published by the National Vulnerability Database Mar 26, 2024
Published to the GitHub Advisory Database Mar 26, 2024
Reviewed Mar 27, 2024
Last updated Mar 27, 2024

Severity

High

EPSS score

0.045%
(17th percentile)

Weaknesses

CVE ID

CVE-2024-25421

GHSA ID

GHSA-6pwg-gg6j-5crm

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.