Vulnerability feed

Vulnerability

CVE-2023-26360

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-26360
Description:: Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.
Last updated date:: 05/01/2023

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 03/15/2023
Reference url to background: https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 03/15/2023
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/14/2023
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/adobe_coldfusion_fileread_cve_2023_26360.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/17/2023
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/adobe_coldfusion_rce_cve_2023_26360.rb

Vulnerability Feed Contributors About Blog

@inTheWild

©2023 |