Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.igniterealtime.openfire/distribution@4.6.8

Type maven

Namespace org.igniterealtime.openfire

Name distribution

Version 4.6.8

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.7.5

Latest_non_vulnerable_version 4.7.5

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-zdj9-978v-h7d9

vulnerability_id VCID-zdj9-978v-h7d9

summary

Administration Console authentication bypass in openfire xmppserver
An important security issue affects a range of versions of Openfire, the cross-platform real-time collaboration server based on the XMPP protocol that is created by the Ignite Realtime community.

references

reference_url

http://packetstormsecurity.com/files/173607/Openfire-Authentication-Bypass-Remote-Code-Execution.html

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T16:14:29Z/

url

http://packetstormsecurity.com/files/173607/Openfire-Authentication-Bypass-Remote-Code-Execution.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-32315

reference_id

reference_type

scores

value	0.94441
scoring_system	epss
scoring_elements	0.99991
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-32315

reference_url

https://github.com/igniterealtime/Openfire

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/igniterealtime/Openfire

reference_url

https://github.com/igniterealtime/Openfire/commit/2ac00a1ff42f5d3547ef58e21f8cdec992bfcf97

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/igniterealtime/Openfire/commit/2ac00a1ff42f5d3547ef58e21f8cdec992bfcf97

reference_url

https://github.com/igniterealtime/Openfire/commit/71f3def2adeaac62729cf544b645c6819c3d9868

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/igniterealtime/Openfire/commit/71f3def2adeaac62729cf544b645c6819c3d9868

reference_url

https://github.com/igniterealtime/Openfire/commit/a3b5ebd5032ff7be9d3ada5bf52bea2df96ec881

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/igniterealtime/Openfire/commit/a3b5ebd5032ff7be9d3ada5bf52bea2df96ec881

reference_url

https://github.com/igniterealtime/Openfire/releases/tag/v4.6.8

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/igniterealtime/Openfire/releases/tag/v4.6.8

reference_url

https://github.com/igniterealtime/Openfire/releases/tag/v4.7.5

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/igniterealtime/Openfire/releases/tag/v4.7.5

reference_url

https://igniterealtime.atlassian.net/browse/OF-2595

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://igniterealtime.atlassian.net/browse/OF-2595

reference_url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-32315

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-32315

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-32315

reference_id

CVE-2023-32315

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-32315

reference_url	https://github.com/advisories/GHSA-gw42-f939-fhvm
reference_id	GHSA-gw42-f939-fhvm
reference_type
scores
url	https://github.com/advisories/GHSA-gw42-f939-fhvm

reference_url

https://github.com/igniterealtime/Openfire/security/advisories/GHSA-gw42-f939-fhvm

reference_id

GHSA-gw42-f939-fhvm

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T16:14:29Z/

url

https://github.com/igniterealtime/Openfire/security/advisories/GHSA-gw42-f939-fhvm

fixed_packages

url	pkg:maven/org.igniterealtime.openfire/distribution@4.6.8
purl	pkg:maven/org.igniterealtime.openfire/distribution@4.6.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.igniterealtime.openfire/distribution@4.6.8

url	pkg:maven/org.igniterealtime.openfire/distribution@4.7.5
purl	pkg:maven/org.igniterealtime.openfire/distribution@4.7.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.igniterealtime.openfire/distribution@4.7.5

aliases CVE-2023-32315, GHSA-gw42-f939-fhvm

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zdj9-978v-h7d9

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.igniterealtime.openfire/distribution@4.6.8

Package Instance