CVE-2023-29301

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jul 12, 2023

Updated: Jul 20, 2023

CWE ID 307

Summary

CVE-2023-29301 is a vulnerability affecting Adobe ColdFusion versions 2018u16 and earlier, 2021u6 and earlier, and 2023.0.0.330468 and earlier. It involves an Improper Restriction of Excessive Authentication Attempts issue, allowing for security feature bypass. This vulnerability could potentially impact the confidentiality of users without requiring any user interaction. Attackers can exploit this weakness to gain unauthorized access, bypassing security restrictions. Versions prior to 2023.0.0.330468 are susceptible to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe ColdFusion

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r9L8QG
https://www.cve.org/CVERecord?id=CVE-2023-29301
https://nvd.nist.gov/vuln/detail/CVE-2023-29301

Back to Vulnerability Database