Skip to main content

Adobe ColdFusion Multiple Vulnerabilities

Last Update Date: 25 Sep 2019 09:16 Release Date: 25 Sep 2019 5422 Views

RISK: Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

Multiple vulnerabilities were identified in Adobe ColdFusion, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution, obtain sensitive information and bypass security restriction on the targeted system.

 


Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • ColdFusion 2018 Update 4 and earlier versions
  • ColdFusion 2016 Update 11 and earlier versions

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

 

  • Apply fixes issued by the vendor:
    ColdFusion 2018 Update 5
    ColdFusion 2016 Update 12

Vulnerability Identifier


Source


Related Link