{"vulnerability": "cve-2023-38205", "sightings": [{"uuid": "85288244-70e2-4293-a121-6f3238174b81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-07-20T15:10:03.000000Z"}, {"uuid": "65f347c5-723b-4e19-8c90-da7ca004df1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971860", "content": "", "creation_timestamp": "2024-12-24T20:34:56.144075Z"}, {"uuid": "a28b3f78-10cc-439f-99e5-4b63c55aa25a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-18)", "content": "", "creation_timestamp": "2024-11-18T00:00:00.000000Z"}, {"uuid": "79bbacc9-b03f-4547-aa87-57dd0a99d220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-19)", "content": "", "creation_timestamp": "2024-11-19T00:00:00.000000Z"}, {"uuid": "1e2f8e7b-d886-4e0a-921d-38933d9abb7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-27)", "content": "", "creation_timestamp": "2024-11-27T00:00:00.000000Z"}, {"uuid": "8b3aa67d-225e-4118-ba36-bc8f3c46ef9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-26)", "content": "", "creation_timestamp": "2024-11-26T00:00:00.000000Z"}, {"uuid": "64c46037-a066-4d7b-8ae1-c2365ae9163c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-28)", "content": "", "creation_timestamp": "2024-11-28T00:00:00.000000Z"}, {"uuid": "2de1bd02-ff3c-48f4-b480-a1a2844619f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-05)", "content": "", "creation_timestamp": "2025-02-05T00:00:00.000000Z"}, {"uuid": "2958ac04-ffb7-4a40-b4e2-2f181aa69482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:45.000000Z"}, {"uuid": "e75dfc0b-4c4d-45c2-a440-616139b46557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-31)", "content": "", "creation_timestamp": "2025-07-31T00:00:00.000000Z"}, {"uuid": "44248f95-e4cb-4094-8c03-03bd4b4c99c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/de7b9995-3df5-4c7b-b702-a9973e2624c4", "content": "", "creation_timestamp": "2026-02-02T12:26:54.558567Z"}, {"uuid": "3df45592-665d-4477-9652-9efa7d9766e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "Telegram/RUS-QuDlHNHGMxb2XDQRw8JprRIyTU4cETHN0wScki9sRd8", "content": "", "creation_timestamp": "2023-07-20T16:03:53.000000Z"}, {"uuid": "377fb788-bbdf-4efa-a2ef-d08fb11ba865", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "seen", "source": "https://t.me/arpsyndicate/923", "content": "#ExploitObserverAlert\n\nCVE-2023-38205\n\nDESCRIPTION: Exploit Observer has 11 entries related to CVE-2023-38205. Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.\n\nFIRST-EPSS: 0.835160000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-03T11:40:18.000000Z"}, {"uuid": "294da26c-db66-44cd-ae84-cb7aa0fece29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "Telegram/m5J_SB14XcE4WmSFl9S5T7USgeuaPM5JvS0hspkLyulXfQ", "content": "", "creation_timestamp": "2023-07-20T07:09:27.000000Z"}, {"uuid": "4f82ac4e-5d03-42b3-a1e0-dcc51c7204e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "https://t.me/KomunitiSiber/515", "content": "Adobe Rolls Out New Patches for Actively Exploited ColdFusion Vulnerability\nhttps://thehackernews.com/2023/07/adobe-rolls-out-new-patches-for.html\n\nAdobe has released a fresh round of updates to address an incomplete fix for a recently disclosed ColdFusion flaw that has come under active exploitation in the wild.\nThe critical shortcoming, tracked as\u00a0CVE-2023-38205\u00a0(CVSS score: 7.5), has been described as an instance of improper access control that could result in a security bypass. It impacts the following versions:\n\nColdFusion 2023 (Update", "creation_timestamp": "2023-07-20T06:46:04.000000Z"}, {"uuid": "17b9f72c-3edc-44ef-8b3c-efc1b2ace843", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/972", "content": "", "creation_timestamp": "2023-07-27T15:22:45.000000Z"}, {"uuid": "bee8efa0-e0d7-440b-9280-8b7e0fb0750f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "seen", "source": "https://t.me/true_secator/6588", "content": "Adobe \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u043d\u0435\u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-53961 \u0441 CVSS 7.4 \u0432 ColdFusion.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Adobe ColdFusion \u0432\u0435\u0440\u0441\u0438\u0439 2023 \u0438 2021 \u0438 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u043f\u0443\u0442\u0438 \u043a \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u043c\u0443 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u043c\u0443 \u0447\u0442\u0435\u043d\u0438\u044e \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c ma4ter. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c Adobe \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043d\u0430\u043b\u0438\u0447\u0438\u0438 PoC \u0434\u043b\u044f CVE-2024-53961.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e Adobe \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043b\u0438 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0435\u0439 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0435 \u0430\u0442\u0430\u043a \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 Wddx.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u0432 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0430\u0445\u00a0ColdFusion 2023 \u0438 ColdFusion 2021.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0443\u0441\u0442\u043e\u044f\u0432\u0448\u0443\u044e\u0441\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0443 \u0430\u0442\u0430\u043a \u043d\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 Adobe ColdFusion (CVE-2023-29298, CVE-2023-38205, CVE-2023-26360), \u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u043f\u0440\u0438\u0441\u043b\u0443\u0448\u0430\u0442\u044c\u0441\u044f.", "creation_timestamp": "2024-12-26T16:00:06.000000Z"}, {"uuid": "94ff66b4-c0d2-4f55-8fea-983af1d4aad8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "https://t.me/true_secator/4637", "content": "Adobe \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f ColdFusion, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 0-day, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e RCE CVE-2023-38204 (\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 9,8), \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2023-38205 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 7,8) \u0438 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u0443\u044e CVE-2023-38206 (\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 5,3).\n\n\u0421\u0430\u043c\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0430\u044f CVE-2023-38204 \u0435\u0449\u0435 \u043d\u0435 \u044d\u043a\u0441\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a CVE-2023-38205 \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 Adobe \u0432 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 ColdFusion.\n\n\u041e\u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0439 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2023-29298, \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 ColdFusion, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Rapid7 11 \u0438\u044e\u043b\u044f.\n\n13 \u0438\u044e\u043b\u044f\u00a0Rapid7 \u0443\u0432\u0438\u0434\u0435\u043b\u0438, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b\u00a0\u0434\u043b\u044f CVE-2023-29298 \u0438, \u043a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 CVE-2023-29300/CVE-2023-38203 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b ColdFusion \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c.\n\n\u041a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-29298 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u043e\u0431\u043e\u0439\u0442\u0438, \u043e \u0447\u0435\u043c Rapid7 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 Adobe. \u0422\u0440\u0438\u0432\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u043b \u043d\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 ColdFusion (\u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 14 \u0438\u044e\u043b\u044f).\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Adobe \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 CVE-2023-29298 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043e \u0432 APSB23-47 \u043a\u0430\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 CVE-2023-38205.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 ColdFusion, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.", "creation_timestamp": "2023-07-20T11:14:46.000000Z"}, {"uuid": "92654c58-7700-4444-ba98-e61673109bca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "seen", "source": "https://t.me/cibsecurity/70431", "content": "\u203c CVE-2023-38205 \u203c\n\nAdobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-14T12:24:20.000000Z"}, {"uuid": "e95b57cf-2c65-4bee-8d02-d0b285843af3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "https://t.me/thehackernews/3620", "content": "ColdFusion users, beware! Adobe has released new updates to fix a critical security flaw (CVE-2023-38205) that's actively being exploited in the wild. \n \nRead: https://thehackernews.com/2023/07/adobe-rolls-out-new-patches-for.html \n \nMake sure to update your installations to stay protected.", "creation_timestamp": "2023-07-20T05:34:05.000000Z"}, {"uuid": "8e1ff963-f524-4db8-a8f2-e9cdcc7233fc", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/da8a517a-b288-4f97-871e-11c25d07e6f7", "content": "", "creation_timestamp": "2026-06-19T12:46:51.342624Z"}, {"uuid": "e58c84bb-3ade-4b8b-a28b-a1f56328d0b2", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38205", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9774da97-5e22-40b1-b1a3-0f69880f94ce", "content": "", "creation_timestamp": "2026-06-23T14:05:43.782734Z"}]}