CVE-2023-26359
unknown
KEV
CVSS v3
—
CVSS v2
—
VIR risk
1.5
Description
Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could result in code execution in the context of the current user.
CISA KEV
- Vendor
- Adobe
- Product
- ColdFusion
- Due date
- 2023-09-11
Predictions
Exploit likelihood
99%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cisa-kev — https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html; https://nvd.nist.gov/vuln/detail/CVE-2023-26359
Exploits
References
Verify integrity in audit chain (admin only). AS-IS.