CVE-2024-34113

ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords vulnerability that could result in a security feature bypass. This vulnerability arises due to the use of insufficiently strong cryptographic algorithms or flawed implementation that compromises the...

CVE-2024-34112

ColdFusion versions 2023u7, 2021u13 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could exploit this vulnerability to gain unauthorized access to sensitive files or data. Exploitation of this issue does not requir...

PT-2024-4222 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: ColdFusion versions 2023u7, 2021u13 and earlier Description: The issue arises due to the use of insufficiently strong cryptographic algorithms or flawed implementation that compromises the confidentiality of password data. An attacker could...

PT-2024-4220 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: ColdFusion versions 2023u7, 2021u13 and earlier Description: The issue is related to improper access control, which could result in arbitrary file system read. An attacker could exploit this to gain unauthorized access to sensitive files or...