Security Advisory

CVE-2023-26347

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-17 13:31:33

Last updated 2024-10-21 14:17:57

Assigner adobe

State PUBLISHED

Description

Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.

← Browse all CVEs View on cve.org ↗