A Critical Vulnerability in Openfire Admin Console Actively Exploited in the Wild

Threat Level

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

The vulnerability (CVE-2023-32315) in Ignite Realtime Openfire, enabling unauthorized access to privileged pages. Attackers exploit this by bypassing authentication, prompting immediate updates for affected servers.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.