Mitigation Instructions for Adobe ColdFusion CVE-2023-29300
SUBJECT: CVE-2023-29300: Adobe ColdFusion Deserialization of Untrusted Data Vulnerability - Detailed Mitigation Guide
1 min read
CyRisk Vulnerability Management Team : Jan 25, 2024 3:00:35 PM
Subject: Mitigation Instructions for CVE-2024-0204 Fortra's GoAnywhere MFT Vulnerability
Tech Stack: Fortra's GoAnywhere Managed File Transfer (MFT)
Date(s) Issued: First reported on Jan. 22, 2024, with updates on Jan. 24, 2024
Criticality: HIGH (CVSS score: 9.8)
Overview:
CVE-2024-0204 is a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT prior to version 7.4.1. It allows unauthorized users to create an admin user via the admin portal, posing significant security risks.
Solution:
Immediate action is required to mitigate this vulnerability:
For additional support, contact Fortra's security team or refer to their official security advisory.
References:
SUBJECT: CVE-2023-29300: Adobe ColdFusion Deserialization of Untrusted Data Vulnerability - Detailed Mitigation Guide
SUBJECT: Critical Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410)
SUBJECT: Mitigate Cisco ASA and FTD Information Disclosure Vulnerability (CVE-2020-3259)