CVE-2008-1203

Name of the Vulnerable Software and Affected Versions Adobe ColdFusion versions 8 and MX7

Description The issue concerns the administrator interface of Adobe ColdFusion, which does not log failed authentication attempts. This omission makes it easier for remote attackers to conduct brute force attacks without being detected.

Recommendations For Adobe ColdFusion version 8, consider implementing custom logging to track failed authentication attempts as a temporary workaround. For Adobe ColdFusion version MX7, consider implementing custom logging to track failed authentication attempts as a temporary workaround. At the moment, there is no information about a newer version that contains a fix for this vulnerability.