Mitigation Instructions for CVE-2024-28987
Subject: Mitigating CVE-2024-28987: Hardcoded Credentials Vulnerability in SolarWinds Web Help Desk
1 min read
CyRisk Vulnerability Management Team : Feb 26, 2024 10:43:23 AM
SUBJECT: Mitigating CVE-2023-38203: ColdFusion Deserialization of Untrusted Data Vulnerability
TECH STACK: Adobe ColdFusion
DATE(S) ISSUED: 07/20/2023
NVD Last Modified: 01/08/2024
CRITICALITY: 9.8 CRITICAL
OVERVIEW:
This document outlines the steps to mitigate the vulnerability (CVE-2023-38203) in Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier), and 2023u1 (and earlier). This vulnerability allows attackers to potentially execute arbitrary code on affected systems due to improper handling of untrusted data during deserialization.
SOLUTION/MITIGATION:
Additional mitigation steps (if upgrading is not immediate):
Confirmation & Additional Information:
Subject: Mitigating CVE-2024-28987: Hardcoded Credentials Vulnerability in SolarWinds Web Help Desk
Subject: Mitigating CVE-2017-1000486: Remote Code Execution Vulnerability in PrimeTek PrimeFaces
Subject: Mitigating Vulnerability in Unsupported Drupal 8.x