CISA reveals how fed agency succumbed to ColdFusion attacks • The Register

CISA reveals how fed agency succumbed to ColdFusion attacks • The Register

CISA has released details about a federal agency that recently had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability.

The vulnerability, tracked as CVE-2023-26360, was disclosed in March and was shortly after added to CISA’s known exploited vulnerability (KEV) catalog, setting an April 5 deadline for agencies to fix the issue.

In a Tuesday advisory, CISA revealed the federal civilian executive branch (FCEB) in question was successfully attacked in June and into July, meaning the vulnerability went unpatched for more than three months after CISA’s deadline. 

CISA did not respond to questions about whether the agency has now patched the vulnerability,…


Source link

About coldfusion

Check Also

The History and Size of Microsoft | ColdFusion – MSN

Department of Energy To Revisit Cold Fusion – Space Daily

[unable to retrieve full-text content]Department of Energy To Revisit Cold Fusion  Space Daily Source link

Leave a Reply

Your email address will not be published. Required fields are marked *