What is the vulnerability ID?

The vulnerability ID is CVE-2023-38204.

What is the severity of CVE-2023-38204?

The severity of CVE-2023-38204 is critical with a CVSS score of 9.8.

What is the impact of CVE-2023-38204?

CVE-2023-38204 can result in arbitrary code execution.

How can I mitigate CVE-2023-38204?

To mitigate CVE-2023-38204, it is recommended to update Adobe ColdFusion to the latest version available.

vuln-group

CVE-2023-38204

Severity: critical (9.8)

First published: Thu Sep 14 2023

Last modified: Tue Sep 19 2023

CWE: 502

Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.

Any of

Adobe ColdFusion
2018
Adobe ColdFusion
2018-update1
Adobe ColdFusion
2018-update10
Adobe ColdFusion
2018-update11
Adobe ColdFusion
2018-update12
Adobe ColdFusion
2018-update13
Adobe ColdFusion
2018-update14
Adobe ColdFusion
2018-update15
Adobe ColdFusion
2018-update16
Adobe ColdFusion
2018-update18
Adobe ColdFusion
2018-update2
Adobe ColdFusion
2018-update3
Adobe ColdFusion
2018-update4
Adobe ColdFusion
2018-update5
Adobe ColdFusion
2018-update6
Adobe ColdFusion
2018-update7
Adobe ColdFusion
2018-update8
Adobe ColdFusion
2018-update9
Adobe ColdFusion
2021
Adobe ColdFusion
2021-update1
Adobe ColdFusion
2021-update2
Adobe ColdFusion
2021-update3
Adobe ColdFusion
2021-update4
Adobe ColdFusion
2021-update5
Adobe ColdFusion
2021-update6
Adobe ColdFusion
2021-update7
Adobe ColdFusion
2021-update8
Adobe ColdFusion
2023
Adobe ColdFusion
2023-update1
Adobe ColdFusion
2023-update2

FAQ

What is the vulnerability ID?
The vulnerability ID is CVE-2023-38204.
What is the severity of CVE-2023-38204?
The severity of CVE-2023-38204 is critical with a CVSS score of 9.8.
Which versions of Adobe ColdFusion are affected by CVE-2023-38204?
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier), and 2023u2 (and earlier) are affected by CVE-2023-38204.
What is the impact of CVE-2023-38204?
CVE-2023-38204 can result in arbitrary code execution.
How can I mitigate CVE-2023-38204?
To mitigate CVE-2023-38204, it is recommended to update Adobe ColdFusion to the latest version available.

Reference Links

https://helpx.adobe.com/security/products/coldfusion/apsb23-47.html

collector/nvd-api
vendor/adobe
product/coldfusion
canonical/adobe coldfusion

FAQ

What is the vulnerability ID?
The vulnerability ID is CVE-2023-38204.
What is the severity of CVE-2023-38204?
The severity of CVE-2023-38204 is critical with a CVSS score of 9.8.
Which versions of Adobe ColdFusion are affected by CVE-2023-38204?
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier), and 2023u2 (and earlier) are affected by CVE-2023-38204.
What is the impact of CVE-2023-38204?
CVE-2023-38204 can result in arbitrary code execution.
How can I mitigate CVE-2023-38204?
To mitigate CVE-2023-38204, it is recommended to update Adobe ColdFusion to the latest version available.

CVE-2023-38204

Any of

FAQ

What is the vulnerability ID?

What is the severity of CVE-2023-38204?

Which versions of Adobe ColdFusion are affected by CVE-2023-38204?

What is the impact of CVE-2023-38204?

How can I mitigate CVE-2023-38204?

Reference Links

Navigation

FAQ

What is the vulnerability ID?

What is the severity of CVE-2023-38204?

Which versions of Adobe ColdFusion are affected by CVE-2023-38204?

What is the impact of CVE-2023-38204?

How can I mitigate CVE-2023-38204?