{"id":10732,"date":"2024-05-01T21:29:05","date_gmt":"2024-05-01T21:29:05","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/"},"modified":"2024-05-01T21:29:05","modified_gmt":"2024-05-01T21:29:05","slug":"ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/","title":{"rendered":"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315)"},"content":{"rendered":"<p>What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability has been observed to be exploited in the wild. What is the recommended Mitigation?The vendor released Openfire version 4.6.8 and 4.7.5 that contains a fix in mid 2023. More information could be found here: https:\/\/github.com\/igniterealtime\/Openfire\/security\/advisories\/GHSA-gw42-f939-fhvmWhat FortiGuard Coverage is available?FortiGuard Labs has an existing &#8220;Openfire.setup.CVE-2023-32315.Authentication.Bypass&#8221; IPS signature released since August 2023.<a href=\"https:\/\/fortiguard.fortinet.com\/threat-signal-report\/5432\" target=\"_blank\" class=\"feedzy-rss-link-icon\" rel=\"noopener\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-10732","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2024-05-01T21:29:05+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2024-05-01T21:29:05+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/05\\\/01\\\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\\\/#blogposting\",\"name\":\"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) \\u203a Sekuritas IT\",\"headline\":\"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"datePublished\":\"2024-05-01T21:29:05+00:00\",\"dateModified\":\"2024-05-01T21:29:05+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/05\\\/01\\\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/05\\\/01\\\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/05\\\/01\\\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/05\\\/01\\\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\\\/#listItem\",\"name\":\"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/05\\\/01\\\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\\\/#listItem\",\"position\":3,\"name\":\"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/05\\\/01\\\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/05\\\/01\\\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\\\/\",\"name\":\"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) \\u203a Sekuritas IT\",\"description\":\"What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/05\\\/01\\\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"datePublished\":\"2024-05-01T21:29:05+00:00\",\"dateModified\":\"2024-05-01T21:29:05+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) \u203a Sekuritas IT","description":"What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/#blogposting","name":"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) \u203a Sekuritas IT","headline":"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"datePublished":"2024-05-01T21:29:05+00:00","dateModified":"2024-05-01T21:29:05+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/#listItem","name":"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/#listItem","position":3,"name":"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/","name":"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) \u203a Sekuritas IT","description":"What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"datePublished":"2024-05-01T21:29:05+00:00","dateModified":"2024-05-01T21:29:05+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) \u203a Sekuritas IT","og:description":"What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability","og:url":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/","article:published_time":"2024-05-01T21:29:05+00:00","article:modified_time":"2024-05-01T21:29:05+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) \u203a Sekuritas IT","twitter:description":"What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability"},"aioseo_meta_data":{"post_id":"10732","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2024-05-01 21:50:45","updated":"2025-10-15 09:01:55","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tIgnite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315)","link":"https:\/\/sekuritasit.com\/index.php\/2024\/05\/01\/ignite-realtime-openfire-path-traversal-vulnerability-cve-2023-32315\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/10732","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=10732"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/10732\/revisions"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=10732"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=10732"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=10732"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}