8 matches found
Improper access control
Adobe ColdFusion versions 2018u18 and earlier, 2021u8 and earlier and 2023u2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints...
Improper access control
Adobe ColdFusion versions 2018u18 and earlier, 2021u8 and earlier and 2023u2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints...
CVE-2023-38204
CVE-2023-38204 affects Adobe ColdFusion versions 2018u18 and earlier, 2021u8 and earlier, and 2023u2 and earlier. The vulnerability is a Deserialization of Untrusted Data issue that could lead to Arbitrary code execution, with no user interaction required. The root cause is unsafe deserialization...
CVE-2023-38206
Adobe ColdFusion is affected by CVE-2023-38206: improper access control allowing an attacker to access administration CFM/CFC endpoints with no interaction, causing low confidentiality impact. Affected: ColdFusion versions 2018u18 and earlier, 2021u8 and earlier, 2023u2 and earlier. Exploitation ...
PT-2023-3960 · Adobe · Coldfusion
Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions 2018u18 and earlier Adobe ColdFusion versions 2021u8 and earlier Adobe ColdFusion versions 2023u2 and earlier Description: The issue is related to the deserialization mechanism in Adobe ColdFusion, which could allow ...
PT-2023-3961 · Adobe · Coldfusion
Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions 2018u18 and earlier, 2021u8 and earlier and 2023u2 and earlier Description: The issue is related to an improper access control vulnerability that could result in a security feature bypass. An attacker could leverage...
PT-2023-3959 · Adobe · Coldfusion
Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions 2018u18 and earlier Adobe ColdFusion versions 2021u8 and earlier Adobe ColdFusion versions 2023u2 and earlier Description: The issue is related to improper access control in the ColdFusion platform, which could allow...
Adobe ColdFusion < 2018.x < 2018u18 / 2021.x < 2021u8 / 2023.x < 2023u2 Code Execution (APSB23-41)
The version of Adobe ColdFusion installed on the remote Windows host is prior to 2018.x update 18, 2021.x update 8, or 2023.x update 2. It is, therefore, affected by a code execution vulnerability as referenced in the APSB23-41 advisory. Due to deserialization of untrusted data, a remote,...