Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.COLDFUSION_WIN_APSB18-14.NASL
HistoryApr 12, 2018 - 12:00 a.m.

Adobe ColdFusion 11.x < 11u14 / 2016.x < 2016u6 Multiple Vulnerabilities (APSB18-14)

2018-04-1200:00:00
This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
37
JSON

The version of Adobe ColdFusion running on the remote Windows host is 11.x prior to update 14 or 2016.x prior to update 6. It is, therefore, affected by multiple vulnerabilities.

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(109017);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/25");

  script_cve_id(
    "CVE-2018-4938",
    "CVE-2018-4939",
    "CVE-2018-4940",
    "CVE-2018-4941",
    "CVE-2018-4942"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/05/03");
  script_xref(name:"CEA-ID", value:"CEA-2020-0129");

  script_name(english:"Adobe ColdFusion 11.x < 11u14 / 2016.x < 2016u6 Multiple Vulnerabilities (APSB18-14)");

  script_set_attribute(attribute:"synopsis", value:
"A web-based application running on the remote host is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Adobe ColdFusion running on the remote Windows host is
11.x prior to update 14 or 2016.x prior to update 6. It is, therefore,
affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe ColdFusion version 11 update 14 / 2016 update 6 or
later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-4939");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/04/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:coldfusion");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("coldfusion_win_local_detect.nasl");
  script_require_keys("SMB/coldfusion/instance");
  script_require_ports(139, 445);

  exit(0);
}

include("audit.inc");
include("coldfusion_win.inc");
include("global_settings.inc");
include("misc_func.inc");

versions = make_list('11.0.0', '2016.0.0');
instances = get_coldfusion_instances(versions); # this exits if it fails

# Check the hotfixes and cumulative hotfixes
# installed for each instance of ColdFusion.
info = NULL;
instance_info = make_list();

foreach name (keys(instances))
{
  info = NULL;
  ver = instances[name];

  if (ver == "11.0.0")
  {
    info = check_jar_chf(name, 14);
  }

 else if (ver == "2016.0.0")
  {
    info = check_jar_chf(name, 6);
  }

  if (!isnull(info))
    instance_info = make_list(instance_info, info);
}

if (max_index(instance_info) == 0)
  exit(0, "No vulnerable instances of Adobe ColdFusion were detected.");

port = get_kb_item("SMB/transport");
if (!port)
  port = 445;

report =
  '\n' + 'Nessus detected the following unpatched instances :' +
  '\n' + join(instance_info, sep:'\n') +
  '\n';

security_report_v4(port:port, extra:report, severity:SECURITY_HOLE, xss:TRUE);
exit(0);
VendorProductVersionCPE
adobecoldfusioncpe:/a:adobe:coldfusion

Related

openvas 1
adobe 1
prion 5
cve 5
cisa_kev 1
attackerkb 1
checkpoint_advisories 1
seebug 1
threatpost 1
qualysblog 2
ics 1
openvas
openvas
Adobe ColdFusion Multiple Vulnerabilities-APSB18-14
2018-04-12 00:00:00
adobe
adobe
APSB18-14 Security updates available for ColdFusion
2018-04-10 00:00:00
prion
prion
Privilege escalation
2018-05-19 17:29:00
Xxe
2018-05-19 17:29:00
Cross site scripting
2018-05-19 17:29:00
cve
cve
CVE-2018-4941
2018-05-19 17:29:00
CVE-2018-4942
2018-05-19 17:29:00
CVE-2018-4939
2018-05-19 17:29:00
cisa_kev
cisa_kev
Adobe ColdFusion Deserialization of Untrusted Data Vulnerability
2021-11-03 00:00:00
attackerkb
attackerkb
CVE-2018-4939
2018-05-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe ColdFusion DataServicesCFProxy Insecure Deserialization (CVE-2018-4939)
2018-07-29 00:00:00
seebug
seebug
ColdFusion RCE(CVE-2018-4939)
2018-06-19 00:00:00
threatpost
threatpost
Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks
2020-10-21 20:31:17
qualysblog
qualysblog
NSA Alert: Chinese State-Sponsored Actors Exploit Known Vulnerabilities
2020-10-22 23:10:29
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
ics
ics
Potential for China Cyber Response to Heightened U.S.–China Tensions
2020-10-20 12:00:00
JSON
Related for COLDFUSION_WIN_APSB18-14.NASL
openvas1adobe1prion5cve5cisa_kev1attackerkb1checkpoint_advisories1seebug1threatpost1qualysblog2ics1