JD Supra

Adobe Issues Patches for ColdFusion “High Severity” Vulnerability

Adobe recently issued a patch for a high-severity vulnerability for ColdFusion versions 2023.11 and 2021.17 and earlier; according to the National Institute of Standards and Technology (NIST), “an ...
JD Supra

Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP

Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023, announced patches for CVE-2023-29298, an improper access control issue that ...
Bleeping Computer

CISA warns of Adobe ColdFusion bug exploited as a zero-day

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...
Bleeping Computer

Critical ColdFusion flaws exploited in attacks to drop webshells

Update 7/17/23: The article was updated due to a mistaken warning added by Adobe to its email notification. However, a newer version of the bug was seen by Rapid7 to be actively exploited. Hackers are ...
techtimes

Adobe ColdFusion Experiences Zero-Day Bug Exploit Per CISA Warning

On Monday, the Cybersecurity and Infrastructure Security Agency (CISA) warned about a critical arbitrary code execution vulnerability (CVE-2023-26360) in Adobe ColdFusion 2018 and 2021. Risk of ...
CSOonline

Attackers breach US government agencies through ColdFusion flaw

In a new advisory that shows why it’s critical to keep Adobe ColdFusion deployments up to date, the US Cybersecurity and Infrastructure Security Agency (CISA) warns that two federal agencies were ...