CyberSecurity updates
2024-12-27 08:11:13 Pacfic
2024-12-27 08:11:13 Pacfic
Adobe ColdFusion Path Traversal Vulnerability - 2d
A critical path traversal vulnerability, identified as CVE-2024-53961, has been discovered in Adobe ColdFusion versions 2023 and 2021. This flaw allows attackers to read arbitrary files from the server. A proof-of-concept (PoC) exploit is already publicly available, significantly increasing the risk of exploitation. ColdFusion users must immediately apply the security updates to mitigate this vulnerability, as attackers are expected to weaponize this vulnerability very quickly. The vulnerability is due to an incomplete mitigation for CVE-2024-50379.