Summary
Adobe released security updates for ColdFusion and Campaign Classic to fix 12 vulnerabilities, including seven critical flaws with CVSS scores of 10.0. These vulnerabilities allow unauthenticated remote code execution, privilege escalation, and unauthorized file system access.
Take Action:
If you're running Adobe ColdFusion or Campaign Classic, this is very important: Patch ColdFusion immediately to Update 10 (2025) or Update 21 (2023). If you also run on-premise Campaign Classic, update to v7.4.3 build 9397. By design these platforms are exposed to the internet, and will be attacked VERY soon. Adobe-hosted instances are already safe but self-hosted ones are not.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)