Adobe Fixes Critical Security Vulnerabilities in Coldfusion

Adobe Fixes Critical Security Vulnerabilities in Coldfusion

Adobe logo

Adobe released security updates for three vulnerabilities in ColdFusion. Two of these vulnerabilities are rated as Critical as they allow code execution and can bypass access controls. The other is an labeled critical as it allows information disclosure.

The more critical issue is the code execution vulnerability as it could potentially allow for the takeover of a server.

The vulnerabilities details can be seen below:

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Security bypass Information Disclosure Important CVE-2019-8072
Command Injection via Vulnerable component Arbitrary code execution Critical  CVE-2019-8073
Path Traversal Vulnerability Access Control Bypass Critical  CVE-2019-8074

To resolve these vulnerabilities, Adobe suggests that users update to…


Source link

About coldfusion

Check Also

CISA Reports Adobe ColdFusion Flaw Exploitation in Federal Agency – Security Boulevard

CISA Reports Adobe ColdFusion Flaw Exploitation in Federal Agency – Security Boulevard

[unable to retrieve full-text content]CISA Reports Adobe ColdFusion Flaw Exploitation in Federal Agency  Security Boulevard Source …

Leave a Reply

Your email address will not be published. Required fields are marked *