JD Supra

Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP

Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023, announced patches for CVE-2023-29298, an improper access control issue that ...
Ars Technica

Coldfusion and using RADIUS authentication

Hello all,<BR><BR>I'm setting some stuff up at work and looking for some help on this one piece I can't quite figure out.<BR><BR>What I'm looking to accomplish is to verify a login/password to a ...
Ars Technica

Vulnerabilities in Adobe ColdFusion and Citrix NetScaler are under active exploitation

The exploited code-execution flaws are the kind coveted by ransomware and nation-state hackers. As someone who used ColdFusion for years, I’m not in the ‘why would anyone use it anymore?’ camp.
Dark Reading

CISA: Threat Actor Breached Federal Systems via Adobe ColdFusion Flaw

An unidentified threat actor or threat actors gained access to two public facing Web servers at a US federal government agency earlier this year by exploiting a critical but previously patched ...