Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/coldfusion/apsb23-40.html | Vendor Advisory |
https://helpx.adobe.com/security/products/coldfusion/apsb23-40.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://helpx.adobe.com/security/products/coldfusion/apsb23-40.html - Vendor Advisory |
20 Jul 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
First Time |
Adobe coldfusion
Adobe |
|
References | (MISC) https://helpx.adobe.com/security/products/coldfusion/apsb23-40.html - Vendor Advisory | |
CPE | cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update10:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update13:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update6:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update4:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update5:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update7:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update9:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update11:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:update6:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update16:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update2:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update1:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update8:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update12:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update14:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update3:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update15:*:*:*:*:*:* |
12 Jul 2023, 17:58
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-12 16:15
Updated : 2024-11-21 07:56
NVD link : CVE-2023-29300
Mitre link : CVE-2023-29300
CVE.ORG link : CVE-2023-29300
JSON object : View
Products Affected
adobe
- coldfusion
CWE
CWE-502
Deserialization of Untrusted Data