CVE-2023-29298
- Reference to the description:
- Description:
- Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
- Last updated date:
- 07/19/2023
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 07/20/2023
- Reference url to background
https://www.cisa.gov/known-exploited-vulnerabilities-catalog