Exposures › CVE-2018-15961
CVE-2018-15961
Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⚡ RCE
⌖ exploited in the wild
shame 65/100
rceexploited-in-wild
Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution.
Players implicated
Description
Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution.
Sentiment · trusted sources
-
synthesis neutral -0.20No direct press or authority commentary on Adobe's handling of CVE-2018-15961 is present in the provided sources; only technical vulnerability descriptions and generic vendor/product listings are avai
-
No relevant content.
-
Neutral technical description only.
“Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution.”
-
Neutral product listing.
“Adobe ColdFusion is a commercial rapid web application development platform used to build and deploy dynamic web and mobile applications.”
-
No relevant content.
-
No relevant content.
Affected FedRAMP products 8 in the catalog
| Product | Provider | Status | Match |
|---|---|---|---|
| Adobe Acrobat Sign for Government | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Analytics | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Campaign | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Connect Managed Services (ACMS-GC) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Creative Cloud for Enterprise | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Document Cloud (PDF Services & Adobe Sign) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Experience Manager Managed Services (AEMMS-GC) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Learning Manager | Adobe | Authorized | vendor-exact · 0.90 |