Main Vulnerability Database Exploits ID:9930 - Exploit for Improper access control in ColdFusion - CVE-2023-26360

ID:9930 - Exploit for Improper access control in ColdFusion - CVE-2023-26360

Published: June 7, 2024

Vulnerability identifier: #VU73597

Vulnerability risk: High

CVE-ID: CVE-2023-26360

CWE-ID: CWE-284

Exploitation vector: Remote access

Vulnerable software:
ColdFusion

Link to public exploit:

https://github.com/jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit

Vulnerability description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote attacker can bypass implemented security restrictions and gain unauthorized access to the application.

Note, the vulnerability is being actively exploited in the wild.

Remediation

Install updates from vendor's website.

ID:9930 - Exploit for Improper access control in ColdFusion - CVE-2023-26360

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human