CVSS 3.1 Score 9.8 of 10 (high)


Published Jul 12, 2023
Updated: Jan 9, 2024
CWE ID 502


The vulnerability with CVE ID CVE-2023-29300 affects Adobe ColdFusion versions 2018u16, 2021u6, and 2023.0.0.330468. It is a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution. This vulnerability does not require user interaction for exploitation. The affected products include Adobe ColdFusion versions mentioned above. To remediate this vulnerability, users should update to the latest versions of Adobe ColdFusion. The potential danger of this vulnerability to an organization is significant, as it has a high base severity and score of 9.8 out of 10. It can result in the compromise of integrity and confidentiality, posing a significant risk to the affected organization's systems and data security.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-29300 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options