vulnerability
APSB23-40: Security updates available for Adobe ColdFusion | APSB23-40 (CVE-2023-29301)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:C/I:N/A:N) | Jul 11, 2023 | Jul 12, 2023 | May 20, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published
Jul 11, 2023
Added
Jul 12, 2023
Modified
May 20, 2025
Description
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the confidentiality of the user. Exploitation of this issue does not require user interaction.
Solution(s)
adobe-coldfusion-2018-release-update-17adobe-coldfusion-2021-release-update-7adobe-coldfusion-2023-release-update-1

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.