Skip to main content
Participant
October 16, 2013
Question

APSB13-03 authentication bypass issue

  • October 16, 2013
  • 1 reply
  • 489 views

I see hotfixes for version 9 and 10, but how can I fix this vulnerability in Cold Fusion version 8.0.1?

This topic has been closed for replies.

1 reply

pete_freitag
Participating Frequently
October 16, 2013

Because CF8 has reached end of life period Adobe only provides security patches for CF9 and up currently. I'd recommend upgrading to CF9 or CF10 so you can get security patches.

My best guess on how to secure yourself from this particular issue would be to block /CFIDE and make sure you don't use cflogin in your applications.

--

Pete Freitag

Foundeo Inc. - Makers of HackMyCF & FuseGuard