First published: Fri Sep 13 2024(Updated: )
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access and affect the integrity of the application. Exploitation of this issue does not require user interaction.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe ColdFusion | =2023 | |
Adobe ColdFusion | =2023-update1 | |
Adobe ColdFusion | =2023-update2 | |
Adobe ColdFusion | =2023-update3 | |
Adobe ColdFusion | =2023-update4 | |
Adobe ColdFusion | =2023-update5 | |
Adobe ColdFusion | =2023-update6 | |
Adobe ColdFusion | =2021 | |
Adobe ColdFusion | =2021-update1 | |
Adobe ColdFusion | =2021-update10 | |
Adobe ColdFusion | =2021-update11 | |
Adobe ColdFusion | =2021-update12 | |
Adobe ColdFusion | =2021-update2 | |
Adobe ColdFusion | =2021-update3 | |
Adobe ColdFusion | =2021-update4 | |
Adobe ColdFusion | =2021-update5 | |
Adobe ColdFusion | =2021-update6 | |
Adobe ColdFusion | =2021-update7 | |
Adobe ColdFusion | =2021-update8 | |
Adobe ColdFusion | =2021-update9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-45113 has been classified as a high-severity vulnerability due to its potential for privilege escalation.
To fix CVE-2024-45113, update Adobe ColdFusion to the latest version or apply the available patches.
CVE-2024-45113 affects Adobe ColdFusion versions 2023.6, 2021.12, and earlier releases.
CVE-2024-45113 enables an attacker to exploit improper authentication, leading to unauthorized access.
Yes, exploitation of CVE-2024-45113 can compromise the integrity of applications running on affected ColdFusion versions.