APP: Adobe ColdFusion Unauthorized ColdFusion Components (CFC) Invokation via Web Socket
This signature detects attempts to exploit a known vulnerability against Adobe ColdFusion. Attackers can invoke public methods on ColdFusion Components (CFC) via Web Sockets.
Extended Description
Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components (CFC) public methods via WebSockets.
Affected Products
Adobe coldfusion
Short Name
APP:ADOBE-COLDFUSION-WEBSOCKET
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
(CFC) Adobe CVE-2013-3350 ColdFusion Components Invokation Socket Unauthorized Web bid:61042 via
Release Date
11/20/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
Port
TCP/8575
False Positive
Unknown
Vendors
Adobe
CVSS Score
10.0