DEV Community

Cover image for Adobe Patches Seven Maximum-Severity Flaws in ColdFusion and Campaign Classic
BeyondMachines for BeyondMachines

Posted on • Originally published at beyondmachines.net

Adobe Patches Seven Maximum-Severity Flaws in ColdFusion and Campaign Classic

Summary

Adobe released security updates for ColdFusion and Campaign Classic to fix 12 vulnerabilities, including seven critical flaws with CVSS scores of 10.0. These vulnerabilities allow unauthenticated remote code execution, privilege escalation, and unauthorized file system access.

Take Action:

If you're running Adobe ColdFusion or Campaign Classic, this is very important: Patch ColdFusion immediately to Update 10 (2025) or Update 21 (2023). If you also run on-premise Campaign Classic, update to v7.4.3 build 9397. By design these platforms are exposed to the internet, and will be attacked VERY soon. Adobe-hosted instances are already safe but self-hosted ones are not.


Read the full article on BeyondMachines


This article was originally published on BeyondMachines

Top comments (0)