Short Name |
APP:ADOBE-COLDFUSION-WEBSOCKET |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Adobe ColdFusion Unauthorized ColdFusion Components (CFC) Invokation via Web Socket |
Release Date |
2013/11/19 |
Update Number |
2321 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Adobe ColdFusion. Attackers can invoke public methods on ColdFusion Components (CFC) via Web Sockets.
Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components (CFC) public methods via WebSockets.