Code Scan

Report · Jul 24, 2018

Hello is there any tool that i can scan the ColdFusion code for possible vulnerabilities or security issues? Thanks in advance

Report · Jul 24, 2018

Yes, there is. It is a feature restricted to the Enterprise or free 30-day Trial edition only, in CF2016 or CF2018. And it works from within CF Builder 2016 or 2018 (paid or 60-day trial edition). Search for the ColdFusion Security Analyzer to find more info.

And yes, it certainly sucks that it’s held to be Enterprise (or Trial) only. I think all would agree that it should be in Standard and indeed the free Developer edition. But the CF Team management seems adamant on holding this as an Enterprise-only feature.

But I will repeat: you can get it using the free trial editions of both CF and CF Builder. We shouldn’t have to play such games, and I have not pointed this out so straightforwardly here before. But since this was not changed for CF2018, and since you are asking here, I am simply presenting the facts as I know them for people to decide what to do with it (and to correct me if I’m wrong).

/charlie

/Charlie (troubleshooter, carehart.org)

Report · Jul 24, 2018

Dear Charlie,

Thank you very much for your reply. You are right but everyone should make their best effort in order to keep users secure and safe. Especially these days where attacks are very common and can cause a lot of issues. It should not be about money and especially from such big companies like adobe where they make millions from sales. Therefore i really appreciate your help.

Report · Jul 24, 2018

I agree completely. There was no need for any “but” in your reply to me

/charlie

/Charlie (troubleshooter, carehart.org)

Adobe Community

Code Scan

1 Correct answer