May 16, 2017
Answered

CF 2016 showing wrong version number


I have a vulnerability scanner that is showing our CF version as version 6. But I do not have version 6 installed. It is actually version 2016.

It's saying it's finding it here:

http://servername:8500/CFIDE

Any assistance, besides just forwarding me an 80-page document, would be appreciated.

Thank you!

    Correct answer by haxtbh, May 17, 2017

    What vulnerability scanner? I would say it's not a very good one. You have 2016 installed; it's probably a very out-of-date scanner just assuming this URL is CF 6.

    I don't think any assistance can be given here really. The only question would be: did you upgrade from version 6?

    Otherwise you will need to find another scanner or talk to the scanner vendor.


    May 17, 2017

    It's relatively decent as far as scanners go. But I guess what I'm trying to figure out is, what is under the folder it's looking in (the CFIDE folder via port 8500) that would report back to it a version number? It's a false positive, but still... what IS it looking at?

    May 18, 2017

    You should really follow a lockdown guide (http://wwwimages.adobe.com/content/dam/acom/en/products/coldfusion/pdfs/coldfusion-2016-lockdown-guide.pdf). This way there would be no access.

    I don't think there is anything that would give away the version other than something on the login screen like the logo. The scanner might just be assuming that because the URL exists on that port, it's CF 6. Which is why I mentioned it not being very good.

    May 18, 2017

    Ok, thank you!!

    Yeah, it isn't really that intelligent.

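
The thread contrasts a scanner that infers a version because the URL answers on that port with one that needs something in the response naming the version. The sketch below is an added example, not part of the thread and not any scanner's real logic: it runs both kinds of rule over constructed responses so a finding like this one can be triaged. The rules, sample bodies and function names are all hypothetical.

```python
import re
from dataclasses import dataclass

@dataclass
class Response:
    """Constructed stand-in for what a scanner got back for one URL."""
    url: str
    status: int
    body: str

# Constructed samples; the bodies are made up, not real ColdFusion pages.
SAMPLES = {
    "default_install": Response("http://servername:8500/CFIDE", 200,
                                "<title>Administrator Login</title><img alt='logo'>"),
    "body_names_version": Response("http://servername:8500/CFIDE", 200,
                                   "<title>Administrator Login</title> ColdFusion 2016"),
    "locked_down": Response("http://servername:8500/CFIDE", 404, "Not Found"),
}

def path_only_rule(resp):
    """Hypothetical weak rule: the path answers on port 8500, so call it CF 6."""
    if resp.status == 200 and ":8500/CFIDE" in resp.url:
        return {"product": "ColdFusion", "version": "6", "evidence": "path exists"}
    return None

def evidence_rule(resp):
    """Hypothetical stricter rule: report a version only if the body states one."""
    if resp.status != 200 or ":8500/CFIDE" not in resp.url:
        return None
    m = re.search(r"ColdFusion\s+(\d{1,4})\b", resp.body)
    return {"product": "ColdFusion",
            "version": m.group(1) if m else "unknown",
            "evidence": m.group(0) if m else "path exists, no version string"}

def triage(resp):
    """Flag a finding whose version rests on nothing but the path answering."""
    weak, strict = path_only_rule(resp), evidence_rule(resp)
    if weak is None:
        return "no finding"
    if strict["version"] != weak["version"]:
        return "unsupported version claim: ask vendor what the check matches on"
    return "version claim supported by response body"

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        print(f"{name}: {triage(resp)}")
```

The `locked_down` case shows why restricting access to the path also makes the finding disappear: neither rule has anything to match on.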