• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

ColdFusion 2016 Standard vulnerability Trace method

Community Beginner ,
Dec 15, 2020 Dec 15, 2020

Copy link to clipboard

Copied

ColdFusion 2016 Standard update 11 and IIS Server . Nessus scan  vulnerability on port 5500 Trace method enable. We add GET,POST in allow verb inside IIS Request Filter. But still we get vulnerability report. We remove add-on service (Jetty as report show Server: Jetty(9.4.2))

Views

275

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Community Expert , Dec 15, 2020 Dec 15, 2020

That port 5500 is indeed a jetty port, but not the one in the add on service. Instead it was another, implemented back in the cf9 era, as an alternative web server for the cf server monitor. 

 

Anyway, here is how to close the hole:

 

https://community.adobe.com/t5/coldfusion/coldfusion-2016-excessive-cpu-usage-after-nessus-scan/td-p/9190118?page=1

Votes

Translate

Translate
Guest
Dec 15, 2020 Dec 15, 2020

Copy link to clipboard

Copied

Moving thread to the ColdFusion forum from Using the Community

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Dec 15, 2020 Dec 15, 2020

Copy link to clipboard

Copied

That port 5500 is indeed a jetty port, but not the one in the add on service. Instead it was another, implemented back in the cf9 era, as an alternative web server for the cf server monitor. 

 

Anyway, here is how to close the hole:

 

https://community.adobe.com/t5/coldfusion/coldfusion-2016-excessive-cpu-usage-after-nessus-scan/td-p...


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Dec 16, 2020 Dec 16, 2020

Copy link to clipboard

Copied

Any thoughts, defaultne3mldqroexz? Did what I shared help? If so, can you please mark mine as the answer, to help future readers? If not, what are you seeing now?


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Dec 16, 2020 Dec 16, 2020

Copy link to clipboard

Copied

Thank you for the prompt reply. It solved problem

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Dec 16, 2020 Dec 16, 2020

Copy link to clipboard

Copied

LATEST

Great to hear. Thanks for the update, and marking the answer. Glad to help. 


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation