Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
adobeAdobeAPSB23-52
HistoryNov 14, 2023 - 12:00 a.m.

APSB23-52 : Security update available for Adobe ColdFusion

2023-11-1400:00:00
helpx.adobe.com
14
adobe
coldfusion
security update
critical vulnerabilities
arbitrary code execution
security feature bypass
software

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

Low

EPSS

0.009

Percentile

82.9%

JSON

Adobe has released security updates for ColdFusion versions 2023 and 2021. These updates resolve critical, important and moderate vulnerabilities that could lead to arbitrary code execution and security feature bypass.

Related

nessus 1
prion 6
nvd 6
cve 6
cvelist 6
vulnrichment 3
nuclei 3
cnvd 5
hackerone 1
nessus
nessus
Adobe ColdFusion < 2021.x < 2021u12 / 2023.x < 2023u6 Multiple Vulnerabilities (APSB23-52)
2023-11-15 00:00:00
prion
prion
Input validation
2023-11-17 14:15:00
Deserialization of untrusted data
2023-11-17 14:15:00
Cross site scripting
2023-11-17 14:15:00
nvd
nvd
CVE-2023-44352
2023-11-17 14:15:21
CVE-2023-44351
2023-11-17 14:15:21
CVE-2023-44353
2023-11-17 14:15:21
cve
cve
CVE-2023-44352
2023-11-17 14:15:21
CVE-2023-44353
2023-11-17 14:15:21
CVE-2023-44351
2023-11-17 14:15:21
cvelist
cvelist
CVE-2023-44352 Unauthenticate Reflected XSS on Adobe Coldfusion 2018 - 2021 - 2023 last version
2023-11-17 13:31:31
CVE-2023-44355 ColdFusion | Improper Input Validation (CWE-20)
2023-11-17 13:31:33
CVE-2023-44350 ColdFusion | Deserialization of Untrusted Data (CWE-502)
2023-11-17 13:31:30
vulnrichment
vulnrichment
CVE-2023-44350 ColdFusion | Deserialization of Untrusted Data (CWE-502)
2023-11-17 13:31:30
CVE-2023-44353 ColdFusion WDDX Deserialization Gadgets
2023-11-17 13:31:31
CVE-2023-44351 Adobe ColdFusion RCE Security Vulnerability
2023-11-17 13:31:34
nuclei
nuclei
Adobe Coldfusion - Cross-Site Scripting
2024-01-12 23:55:49
Adobe ColdFusion WDDX Deserialization Gadgets
2023-11-22 16:48:59
Adobe Coldfusion - Authentication Bypass
2023-11-23 11:53:05
cnvd
cnvd
Adobe ColdFusion Code Execution Vulnerability (CNVD-2023-100310)
2023-11-21 00:00:00
Adobe ColdFusion Cross-Site Scripting Vulnerability (CNVD-2023-100311)
2023-11-21 00:00:00
Adobe ColdFusion Code Execution Vulnerability
2023-11-21 00:00:00
hackerone
hackerone
U.S. Dept Of Defense: CVE-2023-26347 in https://████.mil/hax/..CFIDE/adminapi/administrator.cfc?method=getBuildNumber&_cfclient=true
2024-05-24 13:41:36

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

Low

EPSS

0.009

Percentile

82.9%

JSON
Related for APSB23-52
nessus1prion6nvd6cve6cvelist6vulnrichment3nuclei3cnvd5hackerone1