CVE-2023-38205 - Adobe ColdFusion Improper Access Control Vulnerability
Project:Adobe
Product:ColdFusion
Date Added:2023-07-20Due Date:2023-08-10
Vulnerability Name
Adobe ColdFusion Improper Access Control Vulnerability
Description
Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://helpx.adobe.com/security/products/coldfusion/apsb23-47.html
https://nvd.nist.gov/vuln/detail/CVE-2023-38205
Related News Articles
Adobe warns of critical ColdFusion bug with PoC exploit codeDecember 24, 2024