VYPR
Unrated severityNVD Advisory· Published Nov 17, 2023· Updated Oct 11, 2024

ColdFusion | Improper Input Validation (CWE-20)

CVE-2023-44355

Description

Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to impact a minor integrity feature. Exploitation of this issue does require user interaction.

Affected products

2
  • Adobe Inc./Coldfusionllm-fuzzy2 versions
    >=2021 <2021.11 || >=2023 <2023.5+ 1 more
    • (no CPE)range: >=2021 <2021.11 || >=2023 <2023.5
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.