Adobe ColdFusion Access Control Bypass (CVE-2023-26347, CVE-2023-38205)
Jan. 16, 2024, 3:37 a.m. | FortiGuard Labs | FortiGuard Center - Threat Signal Report (fortiguard.fortinet.com)
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by Improper Access Control vulnerabilities that could result in a security bypass. Exploitation of these vulnerabilities could give an attacker access to the ColdFusion Administrator endpoints for further attacks.
What is the Vendor Solution?
Adobe released patches for the security bypass flaws in June 2023.
What FortiGuard Coverage is available?
FortiGuard Labs has an IPS signature "Adobe.ColdFusion.IPFilterUtils.Authentication.Bypass" to protect any exploitations …