HTTP: Adobe ColdFusion Application Server CVE-2023-26361 Directory Traversal
This signature detects attempts to exploit a known vulnerability against Adobe ColdFusion. A successful attack can lead to directory traversal and arbitrary code execution.
Extended Description
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in Arbitrary file system read. Exploitation of this issue does not require user interaction, but does require administrator privileges.
Affected Products
Adobe coldfusion
References
CVE: CVE-2023-26361
Short Name
HTTP:DIR:ADOBE-CVE-2023-26361
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Adobe Application CVE-2023-26361 ColdFusion Directory Server Traversal
Release Date
09/11/2023
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3632
False Positive
Unknown
Vendors
Adobe