Exposures › CVE-2018-15961

CVE-2018-15961

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⚡ RCE ⌖ exploited in the wild shame 65/100 rceexploited-in-wild

Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution.

Players implicated

Description

Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution.

Sentiment · trusted sources

  • synthesis neutral -0.20
    No direct press or authority commentary on Adobe's handling of CVE-2018-15961 is present in the provided sources; only technical vulnerability descriptions and generic vendor/product listings are avai
  • www.cvefind.com ↗ neutral +0.00
    No relevant content.
  • cooey ↗ neutral +0.00
    Neutral technical description only.
    “Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution.”
  • www.cisecurity.org ↗ neutral +0.00
    Neutral product listing.
    “Adobe ColdFusion is a commercial rapid web application development platform used to build and deploy dynamic web and mobile applications.”
  • CISA ↗ neutral +0.00
    No relevant content.
  • app.opencve.io ↗ neutral +0.00
    No relevant content.

Affected FedRAMP products 8 in the catalog

ProductProviderStatusMatch
Adobe Acrobat Sign for Government Adobe Authorized vendor-exact · 0.90
Adobe Analytics Adobe Authorized vendor-exact · 0.90
Adobe Campaign Adobe Authorized vendor-exact · 0.90
Adobe Connect Managed Services (ACMS-GC) Adobe Authorized vendor-exact · 0.90
Adobe Creative Cloud for Enterprise Adobe Authorized vendor-exact · 0.90
Adobe Document Cloud (PDF Services & Adobe Sign) Adobe Authorized vendor-exact · 0.90
Adobe Experience Manager Managed Services (AEMMS-GC) Adobe Authorized vendor-exact · 0.90
Adobe Learning Manager Adobe Authorized vendor-exact · 0.90