Openfire Authentication Bypass (CVE-2023-32315)

high Nessus Plugin ID 178030

Language:

Version 1.45 Oct 27, 2025, 3:15 PM Logic Changes (Gate HTTP debugging behind hidden preference) Plugin Feed: 202510271515
Version 1.44 Oct 23, 2025, 3:11 AM Logic Changes (Fix HTTP/1 library to make sure it closes unused Keep-Alive connections) Plugin Feed: 202510230311
Version 1.42 Oct 16, 2025, 4:39 PM Logic Changes (Implement workaround in HTTP library to prevent triggering an engine bug.) Plugin Feed: 202510161639
Version 1.40 Oct 1, 2025, 9:12 PM Logic Changes (Adding support for user-supplied header added to all HTTP requests.) Plugin Feed: 202510012112
Version 1.39 Sep 30, 2025, 12:41 AM Logic Changes (Add extra checks to see whether plugins should run. Modernisation of the HTTP/1 library. Various corrections and fixes for CPE related Flatline Test Failures. Remove spurious authentication header.) Plugin Feed: 202509300041
Version 1.37 Jul 15, 2025, 2:39 AM Logic Changes Plugin Feed: 202507150239
Version 1.36 Jul 10, 2025, 5:41 PM Logic Changes (Windows CA support) Plugin Feed: 202507101741
Version 1.35 Feb 12, 2025, 3:29 PM Logic Changes Plugin Feed: 202502121529
Version 1.34 Feb 12, 2025, 1:58 AM Logic Changes Plugin Feed: 202502120158
Version 1.33 Feb 10, 2025, 4:00 PM Logic Changes Plugin Feed: 202502101600
Version 1.31 Jan 22, 2025, 5:44 PM New Plugin Feed: 202501221744
Version 1.29 Jan 13, 2025, 10:27 PM New Plugin Feed: 202501132227
Version 1.25 Nov 22, 2024, 6:54 PM Logic Changes (Fixed installation reporting) Plugin Feed: 202411221854
Version 1.24 Nov 12, 2024, 8:29 PM Logic Changes (Adding installs report) Plugin Feed: 202411122029
Version 1.23 Oct 10, 2024, 11:57 PM New Plugin Feed: 202410102357
Version 1.18 Jul 17, 2024, 11:02 PM Logic Changes Plugin Feed: 202407172302
Version 1.16 May 20, 2024, 10:13 AM Logic Changes Plugin Feed: 202405201013
Version 1.13 Mar 19, 2024, 6:40 PM Logic Changes (Improving logging to reduce disk space usage) Plugin Feed: 202403191840
Version 1.10 Feb 9, 2024, 11:22 AM New Plugin Feed: 202402091122
Version 1.7 Sep 26, 2023, 8:16 PM Logic Changes Plugin Feed: 202309262016
Version 1.6 Sep 11, 2023, 4:16 PM Exploit attributes ("Exploited by malware" set to "True") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") Plugin Feed: 202309111616
Version 1.5 Aug 25, 2023, 12:02 AM CISA reference Plugin Feed: 202308250002
Version 1.4 Jul 19, 2023, 2:11 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") Exploit attributes ("Exploit framework metasploit" set to "True") Plugin Feed: 202307191411
Version 1.3 Jul 17, 2023, 5:15 PM Logic Changes (Make torture_cgi library PCP clean and consolidate utf16_to_ascii()) Plugin Feed: 202307171715
Version 1.2 Jul 10, 2023, 11:39 PM New Plugin Feed: 202307102339
Version 1.1 Jul 10, 2023, 4:14 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" set to "Exploits are available") Plugin Feed: 202307101614
Version 1.0 Jul 7, 2023, 6:06 PM New Plugin Feed: 202307071806

* Changelogs are generally available for changes made after Nov 1, 2022

Detections

Analytics

Openfire Authentication Bypass (CVE-2023-32315)

high Nessus Plugin ID 178030

Version 1.45

Version 1.44

Version 1.42

Version 1.40

Version 1.39

Version 1.37

Version 1.36

Version 1.35

Version 1.34

Version 1.33

Version 1.31

Version 1.29

Version 1.25

Version 1.24

Version 1.23

Version 1.18

Version 1.16

Version 1.13

Version 1.10

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.1

Version 1.0