all InfoSec news
Adobe ColdFusion Deserialization of Untrusted Data Vulnerabilities (CVE-2023-26359, CVE-2023-26360)
Aug. 24, 2023, 7:13 p.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
Adobe ColdFusion is a commercial rapid web-application and mobile applications development platform.
What is the Attack?
CVE-2023-26359 and CVE-2023-26360 are deserialization of untrusted data vulnerabilities that affect Adobe ColdFusion. Successful exploitation of the vulnerabilities could allow unauthenticated attackers to achieve arbitrary code execution.
CVE-2023-26359 has a CVSS score of 9.8 and is rated critical by Adobe. CVE-2023-26360 has a CVSS score of 8.6 and is rated critical by Adobe.
Why is this Significant?
This is significant …
adobe adobe coldfusion application applications attack attackers code code execution coldfusion commercial cve cve-2023-26359 cve-2023-26360 cvss data deserialization development exploitation mobile mobile applications platform rapid unauthenticated untrusted vulnerabilities web what is
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Jobs in InfoSec / Cybersecurity
Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)
@ IREX | Ramallah, West Bank, Palestinian National Authority
Consultant(e) Junior Cybersécurité
@ Sia Partners | Paris, France
Senior Network Security Engineer
@ NielsenIQ | Mexico City, Mexico
Senior Consultant, Payment Intelligence
@ Visa | Washington, DC, United States
Corporate Counsel, Compliance
@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
Security Operations Engineer
@ Samsara | Remote - US