Categories: US-Cert-Repository

Adobe Releases Security Updates for ColdFusion


On Nov. 14, 2023, Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software. Exploitation of some of these vulnerabilities may allow a malicious cyber actor to take control of an affected system.

CISA urges organizations to review Adobe ColdFusion security bulletin APSB23-52 for more information and to:

  • Apply the recommended updates in APSB23-52.
  • Follow Adobe recommendations on ColdFusion hardening.
    • ColdFusion 2023 Lockdown Guide
    • ColdFusion 2021 Lockdown Guide
  • Consider adding a web application firewall (WAF) filter for CFIDE for external users.
  • Consider using CISA’s Cybersecurity Incident and Vulnerability Response Playbooks for other actionable steps.



Source link

admin

Leave a Comment
Share
Published by
admin
2 years ago

Recent Posts

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems (ICS) advisories on July 17, 2025. These advisories provide…

12 hours ago

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems (ICS) advisories on July 15, 2025. These advisories provide…

2 days ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

3 days ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

6 days ago

CISA Releases Thirteen Industrial Control Systems Advisories

CISA released thirteen Industrial Control Systems (ICS) advisories on July 10, 2025. These advisories provide…

1 week ago

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems (ICS) advisory on July 8, 2025. These advisories provide…

1 week ago

This website uses cookies.