Adobe.ColdFusion.Scheduleedit.Cfm.XSS.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass vulnerability on ColdFusion servers's scheduleedit.cfm.
The vulnerability is due to an error when the vulnerable software handles malicious http request. A remote attacker
may be able to execute arbitrary script on the client browser via a crafted http request.
Affected Products
Adobe Systems ColdFusion 9.0.2
Adobe Systems ColdFusion 9.0.1
Adobe Systems ColdFusion 9.0
Impact
System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser.
Recommended Actions
Refer to the vendor's website for suggested workaround.
http://www.adobe.com/support/security/bulletins/apsb13-03.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |