← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-32315 — Actively Exploited: Openfire (Ignite Realtime)

Ignite Realtime Openfire contains a path traversal vulnerability that allows an unauthenticated attacker to access restricted pages in the Openfire Admin Console reserved for administrative users.

CVE IDCVE-2023-32315
VendorIgnite Realtime
ProductOpenfire
Vulnerability nameIgnite Realtime Openfire Path Traversal Vulnerability
Date added2023-08-24
Remediation due2023-09-14
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionIgnite Realtime Openfire contains a path traversal vulnerability that allows an unauthenticated attacker to access restricted pages in the Openfire Admin Console reserved for administrative users.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →