Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2023-38203

Disclosure Date: July 20, 2023 (last updated October 08, 2023)
Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
1
0
Attacker Value
Moderate

CVE-2023-29298

Disclosure Date: July 12, 2023 (last updated October 08, 2023)
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
2
1