Categories: US-Cert-Repository

Adobe Releases Security Updates for ColdFusion


On Nov. 14, 2023, Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software. Exploitation of some of these vulnerabilities may allow a malicious cyber actor to take control of an affected system.

CISA urges organizations to review Adobe ColdFusion security bulletin APSB23-52 for more information and to:

  • Apply the recommended updates in APSB23-52.
  • Follow Adobe recommendations on ColdFusion hardening.
    • ColdFusion 2023 Lockdown Guide
    • ColdFusion 2021 Lockdown Guide
  • Consider adding a web application firewall (WAF) filter for CFIDE for external users.
  • Consider using CISA’s Cybersecurity Incident and Vulnerability Response Playbooks for other actionable steps.



Source link

admin

Leave a Comment
Share
Published by
admin
3 years ago

Recent Posts

CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure

CISA is aware of global reports that malicious cyber actors have targeted internet-accessible Fortinet devices…

3 days ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

4 days ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

6 days ago

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

7 days ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

1 week ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

2 weeks ago

This website uses cookies.