跳转到帖子

APSB23-25: Security updates available for Adobe ColdFusion | APSB23-25 (CVE-2023-26361)

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

APSB23-25: Security updates available for Adobe ColdFusion | APSB23-25 (CVE-2023-26361)

Severity
6
CVSS
(AV:N/AC:L/Au:M/C:C/I:N/A:N)
Published
03/14/2023
Created
03/15/2023
Added
03/15/2023
Modified
01/30/2025

Description

Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in Arbitrary file system read. Exploitation of this issue does not require user interaction, but does require administrator privileges.

Solution(s)

  • adobe-coldfusion-2018-release-update-16
  • adobe-coldfusion-2021-release-update-6

References

  • https://attackerkb.com/topics/cve-2023-26361
  • CVE - 2023-26361
  • https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html
  • 查看数 723
  • 已创建
  • 最后回复
转到主题列表