First published: Thu Jul 20 2023(Updated: )
Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.
Credit: psirt@adobe.com psirt@adobe.com psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe ColdFusion | =2018 | |
Adobe ColdFusion | =2018-update1 | |
Adobe ColdFusion | =2018-update10 | |
Adobe ColdFusion | =2018-update11 | |
Adobe ColdFusion | =2018-update12 | |
Adobe ColdFusion | =2018-update13 | |
Adobe ColdFusion | =2018-update14 | |
Adobe ColdFusion | =2018-update15 | |
Adobe ColdFusion | =2018-update16 | |
Adobe ColdFusion | =2018-update18 | |
Adobe ColdFusion | =2018-update2 | |
Adobe ColdFusion | =2018-update3 | |
Adobe ColdFusion | =2018-update4 | |
Adobe ColdFusion | =2018-update5 | |
Adobe ColdFusion | =2018-update6 | |
Adobe ColdFusion | =2018-update7 | |
Adobe ColdFusion | =2018-update8 | |
Adobe ColdFusion | =2018-update9 | |
Adobe ColdFusion | =2021 | |
Adobe ColdFusion | =2021-update1 | |
Adobe ColdFusion | =2021-update2 | |
Adobe ColdFusion | =2021-update3 | |
Adobe ColdFusion | =2021-update4 | |
Adobe ColdFusion | =2021-update5 | |
Adobe ColdFusion | =2021-update6 | |
Adobe ColdFusion | =2021-update7 | |
Adobe ColdFusion | =2021-update8 | |
Adobe ColdFusion | =2023 | |
Adobe ColdFusion | =2023-update1 | |
Adobe ColdFusion | =2023-update2 |
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-38205.
The severity of CVE-2023-38205 is high with a severity value of 7.5.
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier), and 2023u2 (and earlier) are affected by CVE-2023-38205.
CVE-2023-38205 can result in a security feature bypass, allowing an attacker to access the administration CFM and CFC endpoints.
You can find more information about CVE-2023-38205 at the following reference: [link](https://helpx.adobe.com/security/products/coldfusion/apsb23-47.html).