
[Overview]

Adobe ColdFusion is an application development platform. ColdFusion includes the Flex integration service, which allows Flash applications to communicate with the ColdFusion server via Java RMI. Adobe recently fixed a deserialization vulnerability in the Adobe ColdFusion Flex integration service.

[Vulnerability Details]

CVE-2018-4939: This vulnerability is caused by a lack of input validation for RMI method parameters in the DataServicesCFProxy class. An unauthenticated attacker could exploit it by sending crafted malicious serialized parameters to the target application via RMI calls. Successful exploitation allows arbitrary code execution in the context of the target system.
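The root cause described above is that serialized RMI parameters are accepted without any validation of what they contain. The following Java program, an added example that is not ColdFusion code and not part of the original advisory, shows the kind of check that was missing: a JDK deserialization filter (java.io.ObjectInputFilter, JDK 9 and later) that allowlists only the classes a method legitimately expects and rejects everything else before it is instantiated. The allowed class list and the sample parameters are assumptions constructed for the illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.util.HashMap;
import java.util.Map;

public class RmiArgumentFilterDemo {

    // Allowlist filter (assumed for this example): only the classes a hypothetical
    // RMI method needs are accepted. java.lang.Number is listed because Integer's
    // serializable superclass descriptor is also checked by the filter. The
    // trailing "!*" rejects every other class, and the limits bound the object
    // graph so oversized or deeply nested payloads are refused as well.
    static final ObjectInputFilter ALLOWLIST = ObjectInputFilter.Config.createFilter(
            "java.lang.String;java.lang.Integer;java.lang.Number;java.util.HashMap;"
            + "maxdepth=5;maxrefs=100;maxbytes=65536;!*");

    // Deserialize a parameter with the filter attached. A class outside the
    // allowlist causes readObject() to throw InvalidClassException before any
    // constructor or readObject() method of the rejected class runs.
    static Object deserialize(byte[] data, ObjectInputFilter filter)
            throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(filter);
            return in.readObject();
        }
    }

    // Helper used only to build constructed sample parameters for the demo.
    static byte[] serialize(Object value) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(value);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed benign parameter: a map of the types the method expects.
        Map<String, Integer> expected = new HashMap<>();
        expected.put("page", 1);
        System.out.println("accepted: " + deserialize(serialize(expected), ALLOWLIST));

        // Constructed unexpected parameter: any class not on the allowlist.
        // java.util.Date is harmless and stands in for an arbitrary object graph
        // the method never needs; the filter rejects it on class name alone.
        Object unexpected = new java.util.Date();
        try {
            deserialize(serialize(unexpected), ALLOWLIST);
            System.out.println("BUG: unexpected class was accepted");
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Compile and run with a JDK 9 or newer (`javac RmiArgumentFilterDemo.java && java RmiArgumentFilterDemo`). The same allowlist syntax can be applied process-wide to an existing Java service without code changes through the JDK's `-Djdk.serialFilter=...` system property, which is the general JDK mechanism for limiting what an ObjectInputStream will instantiate; this example does not claim that Adobe's fix for the ColdFusion service uses that mechanism.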

Vulnerability Source: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4939

[Severity]

Critical

[Affected Versions]

  • Adobe Systems ColdFusion (2016 release) Update 5 and prior
  • Adobe Systems ColdFusion 11 Update 13 and prior

[Suggestions]

Apply the fix release provided by Adobe to eliminate the vulnerability.

If the Flex integration service is not needed, block external network traffic to port 1099 (the default Java RMI registry port used by this service) so that the vulnerability cannot be exploited from outside the network.

Official statement: https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html

[Hillstone Networks Solution]

Hillstone Networks has added signatures for this vulnerability to IPS signature database version 2.1.245. Any deployed Hillstone Networks solution with the IPS function enabled can quickly detect and effectively block attempts to exploit the Adobe ColdFusion deserialization vulnerability, protecting the server from attack.

Threat Events Detected by Hillstone Solutions

Vulnerability Detail Description
