Mitigation Instructions for Adobe ColdFusion CVE-2023-29300
SUBJECT: CVE-2023-29300: Adobe ColdFusion Deserialization of Untrusted Data Vulnerability - Detailed Mitigation Guide
2 min read
CyRisk Vulnerability Management Team : Feb 23, 2024 4:42:11 PM
SUBJECT: Unauthenticated Remote Code Execution in Cisco Unified Communications
TECH STACK: Cisco Unified Communications Manager (Unified CM), Unified CM IM&P, Unified CM SME, UCCX, Unity Connection, VVB
DATE(S) ISSUED: 01/24/2024
NVD Last Modified: 01/25/2024
CRITICALITY: CRITICAL (CVSS Score: 9.9) - This vulnerability poses an extremely high risk of compromise for affected systems. Immediate action is required.
OVERVIEW:
CVE-2024-20253 is a critical vulnerability in Cisco Unified Communications and Contact Center Solutions products that allows unauthenticated remote attackers to execute arbitrary code on affected devices. This means an attacker could potentially take complete control of your system including:
AFFECTED PRODUCTS:
ADDITIONAL PRODUCTS NOT AFFECTED:
SOLUTION
ADDITIONAL RECOMMENDATIONS:
HANDS ON CONSULTATION:
If you would like additional hands on remediation instruction feel free to reach out to support@cyrisk.com or fill out the form below. We welcome the opportunity to become an extension of your team.
Third Party Advisories:
CONFIRMATION & ADDITIONAL INFORMATION:
This vulnerability poses a significant risk to your organization. Take immediate action to patch your systems and implement additional security measures.
SUBJECT: CVE-2023-29300: Adobe ColdFusion Deserialization of Untrusted Data Vulnerability - Detailed Mitigation Guide
SUBJECT: Critical Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410)
SUBJECT: Mitigate Cisco ASA and FTD Information Disclosure Vulnerability (CVE-2020-3259)