CVE-2024-45113: ColdFusion | Improper Authentication (CWE-287)
First published: Fri Sep 13 2024(Updated: )
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access and affect the integrity of the application. Exploitation of this issue does not require user interaction.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe ColdFusion | =2023 | |
| Adobe ColdFusion | =2023-update1 | |
| Adobe ColdFusion | =2023-update2 | |
| Adobe ColdFusion | =2023-update3 | |
| Adobe ColdFusion | =2023-update4 | |
| Adobe ColdFusion | =2023-update5 | |
| Adobe ColdFusion | =2023-update6 | |
| Adobe ColdFusion | =2021 | |
| Adobe ColdFusion | =2021-update1 | |
| Adobe ColdFusion | =2021-update10 | |
| Adobe ColdFusion | =2021-update11 | |
| Adobe ColdFusion | =2021-update12 | |
| Adobe ColdFusion | =2021-update2 | |
| Adobe ColdFusion | =2021-update3 | |
| Adobe ColdFusion | =2021-update4 | |
| Adobe ColdFusion | =2021-update5 | |
| Adobe ColdFusion | =2021-update6 | |
| Adobe ColdFusion | =2021-update7 | |
| Adobe ColdFusion | =2021-update8 | |
| Adobe ColdFusion | =2021-update9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-45113?
CVE-2024-45113 has been classified as a high-severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2024-45113?
To fix CVE-2024-45113, update Adobe ColdFusion to the latest version or apply the available patches.
What versions of ColdFusion are affected by CVE-2024-45113?
CVE-2024-45113 affects Adobe ColdFusion versions 2023.6, 2021.12, and earlier releases.
What kind of attack does CVE-2024-45113 enable?
CVE-2024-45113 enables an attacker to exploit improper authentication, leading to unauthorized access.
Can CVE-2024-45113 impact the integrity of my applications?
Yes, exploitation of CVE-2024-45113 can compromise the integrity of applications running on affected ColdFusion versions.
- agent/title
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe coldfusion
- version/adobe coldfusion/2023
- version/adobe coldfusion/2023-update1
- version/adobe coldfusion/2023-update2
- version/adobe coldfusion/2023-update3
- version/adobe coldfusion/2023-update4
- version/adobe coldfusion/2023-update5
- version/adobe coldfusion/2023-update6
- version/adobe coldfusion/2021
- version/adobe coldfusion/2021-update1
- version/adobe coldfusion/2021-update10
- version/adobe coldfusion/2021-update11
- version/adobe coldfusion/2021-update12
- version/adobe coldfusion/2021-update2
- version/adobe coldfusion/2021-update3
- version/adobe coldfusion/2021-update4
- version/adobe coldfusion/2021-update5
- version/adobe coldfusion/2021-update6
- version/adobe coldfusion/2021-update7
- version/adobe coldfusion/2021-update8
- version/adobe coldfusion/2021-update9