CVE-2010-2861 Scanner
CVE-2010-2861 scanner - Directory Traversal vulnerability in Adobe ColdFusion
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
15 seconds
Time Interval
4 weeks
Scan only one
URL
Toolbox
-
Adobe ColdFusion is a software product used primarily for web development. It is a powerful platform that enables developers to create scalable, enterprise-level applications. ColdFusion is used to develop dynamic web pages, and it simplifies database connectivity by enabling developers to create database-driven web applications with minimal effort. As a result, ColdFusion allows for more efficient website development and management.
One vulnerability that has been detected in ColdFusion is CVE-2010-2861. This vulnerability is due to multiple directory traversal vulnerabilities in the administrator console of Adobe ColdFusion 9.0.1 and earlier. These vulnerabilities enable remote attackers to access arbitrary files by exploiting the locale parameter to logging/settings.cfm, datasources/index.cfm, j2eepackaging/editarchive.cfm, enter.cfm in CFIDE/administrator/.
This vulnerability can lead to the compromise of sensitive information. Attackers who exploit this vulnerability can read arbitrary files, which can include sensitive information such as user credentials, financial data, and other confidential data stored on the affected system. As a result, the security of the system is compromised and the potential for financial loss, legal liability, and reputational damage increase.
In conclusion, Adobe ColdFusion is a powerful platform used in web development that simplifies the process of creating applications. However, as with any software product, it is susceptible to vulnerabilities that can compromise the security of the system. It is important to take precautions to protect against these vulnerabilities to prevent sensitive information from falling into the wrong hands. By using platforms like s4e.io, you can stay informed about vulnerabilities in your digital assets and take proactive measures to protect your system.
REFERENCES
- http://www.gnucitizen.org/blog/coldfusion-directory-traversal-faq-cve-2010-2861/
- http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-07
- http://www.adobe.com/support/security/bulletins/apsb10-18.html
- http://securityreason.com/securityalert/8137
- http://securityreason.com/securityalert/8148
