PT-2014-3677 · Adobe+1 · Coldfusion+1
Publicado
2014-10-15
·
Atualizado
2020-09-04
·
CVE-2014-0570
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Adobe ColdFusion version 9.0 before Update 13
Adobe ColdFusion version 9.0.1 before Update 12
Adobe ColdFusion version 9.0.2 before Update 7
Adobe ColdFusion version 10 before Update 14
Adobe ColdFusion version 11 before Update 2
Description
A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of victims via unknown vectors.
Recommendations
For Adobe ColdFusion version 9.0, apply Update 13 to resolve the issue.
For Adobe ColdFusion version 9.0.1, apply Update 12 to resolve the issue.
For Adobe ColdFusion version 9.0.2, apply Update 7 to resolve the issue.
For Adobe ColdFusion version 10, apply Update 14 to resolve the issue.
For Adobe ColdFusion version 11, apply Update 2 to resolve the issue.
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Coldfusion