- Description
- Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.
- Source
- psirt@adobe.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Adobe ColdFusion Deserialization of Untrusted Data Vulnerability
- Exploit added on
- Mar 15, 2023
- Exploit action due
- Apr 5, 2023
- Required action
- Apply updates per vendor instructions.
- psirt@adobe.com
- CWE-284
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
今日の #脆弱性 #EPSS 値の上昇によって速やかな対応が必要な脆弱性はなし。 新規追加のうちスコアが高いもの CVE-2022-24706: Apache CouchDB RCE CVE-2023-0669: Fortra GoAnywhere MFT DoS CVE-2023-26360: Adobe ColdFusion Exploit=Yes、KEV=Yes https://t.co/M2S2UoVM4w
@papa_anniekey
20 Feb 2025
477 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-47575 2 - CVE-2024-4947 3 - CVE-2023-26360 4 - CVE-2024-9264 5 - CVE-2024-20481 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
26 Oct 2024
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
pews pews coming from 45.93.20.128 Usage of BruteRatel mass_exploit scripts CVE-2023-26360 CVE-2024-21683 CVE-2024-23108 CVE-2024-29895 CVE-2024-29895 credits: @learntocatch https://t.co/gV5QpvVekv
@banthisguy9349
25 Oct 2024
1445 Impressions
3 Retweets
24 Likes
7 Bookmarks
1 Reply
0 Quotes
🚩 Monitoring this #opendir since a few days. I will not put the IP because there is sensitive data but researchers will know how to get there, be careful. Some elements on the server: - Brute Ratel C4 - Scans for CVE-2023-26360 (Adobe ColdFusion) - Scans for CVE-2024-21683… ht
@1ZRR4H
12014 Impressions
29 Retweets
148 Likes
49 Bookmarks
1 Reply
5 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B54B2B0-B1E1-4B4E-A529-D0BD3B5DEEF3"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDB126BF-E09D-4E58-A39F-1190407D1CAB"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DDD85DF-69A0-476F-8365-CD67C75CF0CE"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update11:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23F63675-7817-4AF0-A7DB-5E35EDABF04E"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update12:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E3BF53E-2C0D-4F79-8B62-4C2A50CB5F52"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update13:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C26BF72C-E991-4170-B68B-09B20B6C0679"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update14:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25B4B4F2-318F-4046-ADE5-E9DD64F83FD9"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update15:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "831E8D69-62E9-4778-8CC5-D6D45CF5AB6F"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59649177-81EE-43C3-BFA5-E56E65B486DF"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "453B96ED-738A-4642-B461-C5216CF45CA3"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58D32489-627B-4E49-9329-8A3B8F8E4903"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D5860E1-D293-48FE-9796-058B78B2D571"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F9336CC-E38F-4BCB-83CD-805EC7FEF806"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97964507-047A-4CC8-8D2B-0EA0C7F9BD50"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82208628-F32A-4380-9B0F-DC8507E7701D"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1563CE5E-A4F7-40A4-A050-BB96E332D8DD"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A94B406-C011-4673-8C2B-0DD94D46CC4C"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AFD05E3A-10F9-4C75-9710-BA46B66FF6E6"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D57C8681-AC68-47DF-A61E-B5C4B4A47663"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75608383-B727-48D6-8FFA-D552A338A562"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7773DB68-414A-4BA9-960F-52471A784379"
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B38B9E86-BCD5-4BCA-8FB7-EC55905184E6"
}
],
"operator": "OR"
}
]
}
]