Highlighted

CF 2016 showing wrong version number

New Here ,
May 16, 2017

Copy link to clipboard

Copied

I have a vulnerability scanner that is showing our CF version as version 6. But I do not have version 6 installed.  it is actually version 2016.

its saying its finding it here

http://servername:8500/CFIDE

any assistance, besides just forwarding me an 80 page document, would be appreciated

thank you!

What vulnerability scanner? I would say its not a very good one. You have 2016 installed, its probably a very out of date scanner just assuming this url is CF 6.

I don't think any assistance can be given here really.  The only question would be did you upgrade from version 6?

Otherwise you will need to find another scanner or talk to the scanner vendor.

Views

836

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

CF 2016 showing wrong version number

New Here ,
May 16, 2017

Copy link to clipboard

Copied

I have a vulnerability scanner that is showing our CF version as version 6. But I do not have version 6 installed.  it is actually version 2016.

its saying its finding it here

http://servername:8500/CFIDE

any assistance, besides just forwarding me an 80 page document, would be appreciated

thank you!

What vulnerability scanner? I would say its not a very good one. You have 2016 installed, its probably a very out of date scanner just assuming this url is CF 6.

I don't think any assistance can be given here really.  The only question would be did you upgrade from version 6?

Otherwise you will need to find another scanner or talk to the scanner vendor.

Views

837

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
May 16, 2017 0
Advocate ,
May 17, 2017

Copy link to clipboard

Copied

What vulnerability scanner? I would say its not a very good one. You have 2016 installed, its probably a very out of date scanner just assuming this url is CF 6.

I don't think any assistance can be given here really.  The only question would be did you upgrade from version 6?

Otherwise you will need to find another scanner or talk to the scanner vendor.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 17, 2017 0
New Here ,
May 17, 2017

Copy link to clipboard

Copied

Its a relatively decent in terms of scanners go. But. I guess what I'm trying to figure out is, what is under the folder its looking in (the CFIDE folder via port 8500) that would report back to it a version number? its false positive but still...what IS it looking at?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 17, 2017 0
Advocate ,
May 18, 2017

Copy link to clipboard

Copied

You should really follow a lockdown guide (http://wwwimages.adobe.com/content/dam/acom/en/products/coldfusion/pdfs/coldfusion-2016-lockdown-gui...​ This way there would be no access.

I dont think there is anything that would give away the version other then something on the login screen like the logo. The scanner might just be assuming that because the URL exists on that port, thats its CF 6. Which is why I mentioned it not being very good.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 18, 2017 0
New Here ,
May 18, 2017

Copy link to clipboard

Copied

Ok, thank you!!

Yea, it isnt really that intelligent.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 18, 2017 0