Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2023-11-17T13:31:33.156Z
Updated: 2024-08-02T11:46:24.614Z
Reserved: 2023-02-22T19:47:52.374Z
Link: CVE-2023-26347
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-11-17T14:15:20.867
Modified: 2023-11-23T03:39:14.323
Link: CVE-2023-26347
Redhat
No data.