Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:MISC:ADOBE-UPLOAD
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	Adobe ColdFusion CKEditor Unrestricted File Upload
Release Date	2018/11/27
Update Number	3120
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Adobe ColdFusion CKEditor Unrestricted File Upload

An unrestricted file upload vulnerability has been reported in the CKEditor component of Adobe ColdFusion. Successful exploitation results in the execution of the malicious file on the server.

Extended Description

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.

Affected Products

Adobe coldfusion 11.0
Adobe coldfusion 2016
Adobe coldfusion 2018

References

CVE: CVE-2018-15961

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Adobe ColdFusion CKEditor Unrestricted File Upload

Extended Description

Affected Products

References