Adobe ColdFusion Multiple Vulnerabilities
Last Update Date:
25 Sep 2019 09:16
Release Date:
25 Sep 2019
5422
Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in Adobe ColdFusion, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution, obtain sensitive information and bypass security restriction on the targeted system.
Impact
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- ColdFusion 2018 Update 4 and earlier versions
- ColdFusion 2016 Update 11 and earlier versions
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply fixes issued by the vendor:
ColdFusion 2018 Update 5
ColdFusion 2016 Update 12
Vulnerability Identifier
Source
Related Link
Share with