Adobe has released security updates for ColdFusion versions 2021 and 2018. These updates resolve critical and important vulnerabilities that could lead to arbitrary code execution and memory leak.

githubexploit 3

nessus 1

attackerkb 3

rapid7blog 3

malwarebytes 3

thn 4

cvelist 3

cve 3

prion 3

nvd 3

cisa_kev 2

zdi 1

cnvd 1

ics 1

hackerone 1

nuclei 1

exploitdb 1

packetstorm 3

impervablog 1

hivepro 1

zdt 2

metasploit 2

talosblog 1

securelist 1

qualysblog 1

githubexploit

Exploit for Improper Access Control in Adobe Coldfusion

2024-05-14 11:22:35

Exploit for Improper Access Control in Adobe Coldfusion

2023-12-26 06:26:01

Exploit for Improper Access Control in Adobe Coldfusion

2024-09-03 09:53:57

nessus

Adobe ColdFusion < 2018.x < 2018 Update 16 / 2021.x < 2021 Update 6 Multiple Vulnerabilities (APSB23-25)

2023-03-16 00:00:00

attackerkb

CVE-2023-26359

2023-03-14 00:00:00

CVE-2023-26360

2023-03-23 00:00:00

CVE-2023-29298

2023-07-12 00:00:00

rapid7blog

Rapid7 Observed Exploitation of Adobe ColdFusion

2023-03-21 15:10:50

CVE-2023-29298: Adobe ColdFusion Access Control Bypass

2023-07-11 15:30:00

Metasploit Weekly Wrap-Up

2023-05-05 18:48:25

malwarebytes

Adobe ColdFusion vulnerability exploited in the wild

2023-08-23 12:30:00

Adobe Coldfusion vulnerability used in attacks on government servers

2023-12-06 14:15:54

Update now! Microsoft fixes two zero-day bugs

2023-03-15 01:00:00

thn

Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog

2023-08-22 03:36:00

CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild

2023-03-16 04:47:00

Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers

2023-12-06 10:10:00

cvelist

CVE-2023-26361 Adobe ColdFusion Directory Traversal Arbitrary file system read Vulnerability

2023-03-23 00:00:00

CVE-2023-26359 Adobe ColdFusion Deserialization of Untrusted Data Arbitrary code execution

2023-03-23 00:00:00

CVE-2023-26360 Adobe ColdFusion Improper Access Control Arbitrary code execution

2023-03-23 00:00:00

cve

CVE-2023-26359

2023-03-23 20:15:15

CVE-2023-26361

2023-03-23 20:15:15

CVE-2023-26360

2023-03-23 20:15:15

prion

Deserialization of untrusted data

2023-03-23 20:15:00

Path traversal

2023-03-23 20:15:00

Improper access control

2023-03-23 20:15:00

nvd

CVE-2023-26361

2023-03-23 20:15:15

CVE-2023-26359

2023-03-23 20:15:15

CVE-2023-26360

2023-03-23 20:15:15

cisa_kev

Adobe ColdFusion Deserialization of Untrusted Data Vulnerability

2023-08-21 00:00:00

Adobe ColdFusion Deserialization of Untrusted Data Vulnerability

2023-03-15 00:00:00

zdi

Adobe ColdFusion copydirectory Directory Traversal Information Disclosure Vulnerability

2023-08-14 00:00:00

cnvd

Adobe ColdFusion Path Traversal Vulnerability (CNVD-2023-100303)

2023-03-17 00:00:00

ics

Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers

2023-12-05 12:00:00

hackerone

U.S. Dept Of Defense: Unauthenticated File Read Adobe ColdFusion

2023-11-11 17:02:47

nuclei

Unauthenticated File Read Adobe ColdFusion

2023-05-09 09:33:18

exploitdb

Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier - Arbitrary File Read

2024-03-11 00:00:00

packetstorm

Adobe ColdFusion Unauthenticated Arbitrary File Read

2024-08-31 00:00:00

Adobe ColdFusion Unauthenticated Remote Code Execution

2023-05-01 00:00:00

Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read

2024-03-11 00:00:00

impervablog

CVE-2023-26360 – Adobe ColdFusion Arbitrary Code Execution

2023-04-04 10:04:27

hivepro

Adobe ColdFusion Vulnerability Leads to Federal Agency Breach

2023-12-07 05:51:09

zdt

Adobe ColdFusion Unauthenticated Remote Code Execution Exploit

2023-05-02 00:00:00

Adobe ColdFusion v 2018,15 (and earlier) and 2021,5 and earlier - Arbitrary File Read Exploit

2024-03-11 00:00:00

metasploit

Adobe ColdFusion Unauthenticated Remote Code Execution

2023-04-14 14:52:13

Adobe ColdFusion Unauthenticated Arbitrary File Read

2023-04-14 14:52:13

talosblog

A personal Year in Review to round out 2023

2023-12-14 19:00:09

securelist

Tropic Trooper spies on government entities in the Middle East

2024-09-05 08:00:12

qualysblog

The March 2023 Patch Tuesday Security Update Review

2023-03-15 00:08:07

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.965

Percentile

99.6%

JSON

Related for APSB23-25