2023-11-17 15:00:21 +00:00
{
"id" : "CVE-2023-44353" ,
"sourceIdentifier" : "psirt@adobe.com" ,
"published" : "2023-11-17T14:15:21.890" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T08:25:44.403" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-11-17 15:00:21 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction."
2023-11-23 05:00:22 +00:00
} ,
{
"lang" : "es" ,
"value" : "Las versiones 2023.5 (y anteriores) y 2021.11 (y anteriores) de Adobe ColdFusion se ven afectadas por una vulnerabilidad de deserializaci\u00f3n de datos no confiables que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. La explotaci\u00f3n de este problema no requiere la interacci\u00f3n del usuario."
2023-11-17 15:00:21 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "psirt@adobe.com" ,
2024-04-04 08:46:00 +00:00
"type" : "Primary" ,
2023-11-17 15:00:21 +00:00
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 9.8 ,
"baseSeverity" : "CRITICAL" ,
2023-11-17 15:00:21 +00:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2023-11-17 15:00:21 +00:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 5.9
}
]
} ,
"weaknesses" : [
2023-11-23 05:00:22 +00:00
{
2024-12-08 03:06:42 +00:00
"source" : "psirt@adobe.com" ,
"type" : "Secondary" ,
2023-11-23 05:00:22 +00:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-502"
}
]
} ,
2023-11-17 15:00:21 +00:00
{
2024-12-08 03:06:42 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-11-17 15:00:21 +00:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-502"
}
]
}
] ,
2023-11-23 05:00:22 +00:00
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2021" ,
"matchCriteriaId" : "39EBF22C-3ED8-4C91-AA46-1BA920CE1920"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "7A94B406-C011-4673-8C2B-0DD94D46CC4C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:*" ,
"matchCriteriaId" : "AFD05E3A-10F9-4C75-9710-BA46B66FF6E6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update10:*:*:*:*:*:*" ,
"matchCriteriaId" : "F1FC7D1D-6DD2-48B2-980F-B001B0F24473"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update11:*:*:*:*:*:*" ,
"matchCriteriaId" : "1FA19E1D-61C2-4640-AF06-4BCFE750BDF3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:*" ,
"matchCriteriaId" : "D57C8681-AC68-47DF-A61E-B5C4B4A47663"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:*" ,
"matchCriteriaId" : "75608383-B727-48D6-8FFA-D552A338A562"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:*" ,
"matchCriteriaId" : "7773DB68-414A-4BA9-960F-52471A784379"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:*" ,
"matchCriteriaId" : "B38B9E86-BCD5-4BCA-8FB7-EC55905184E6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update6:*:*:*:*:*:*" ,
"matchCriteriaId" : "5E7BAB80-8455-4570-A2A2-8F40469EE9CC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update7:*:*:*:*:*:*" ,
"matchCriteriaId" : "F9D645A2-E02D-4E82-A2BD-0A7DE5B8FBCC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update8:*:*:*:*:*:*" ,
"matchCriteriaId" : "6E22D701-B038-4795-AA32-A18BC93C2B6F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2021:update9:*:*:*:*:*:*" ,
"matchCriteriaId" : "CAC4A0EC-C3FC-47D8-86CE-0E6A87A7F0B0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "B02A37FE-5D31-4892-A3E6-156A8FE62D28"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*" ,
"matchCriteriaId" : "0AA3D302-CFEE-4DFD-AB92-F53C87721BFF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:*" ,
"matchCriteriaId" : "EB88D4FE-5496-4639-BAF2-9F29F24ABF29"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:*" ,
"matchCriteriaId" : "43E0ED98-2C1F-40B8-AF60-FEB1D85619C0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:*" ,
"matchCriteriaId" : "76204873-C6E0-4202-8A03-0773270F1802"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:*" ,
"matchCriteriaId" : "C1A22BE9-0D47-4BA8-8BDB-9B12D7A0F7C7"
}
]
}
]
}
] ,
2023-11-17 15:00:21 +00:00
"references" : [
{
"url" : "https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html" ,
2023-11-23 05:00:22 +00:00
"source" : "psirt@adobe.com" ,
"tags" : [
"Release Notes" ,
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Release Notes" ,
"Vendor Advisory"
]
2023-11-17 15:00:21 +00:00
}
]
}
