Skip to main content

Adobe ColdFusion Remote Code Execution Vulnerability

Release Date: 18 Jul 2023 3477 Views

RISK: High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

A vulnerability was identified in Adobe ColdFusion. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.



Proof Of Concept Exploit Code Is Publicly Available for CVE-2023-38203.


  • Remote Code Execution

System / Technologies affected

  • ColdFusion 2018 - Update 17 and earlier versions
  • ColdFusion 2021 - Update 7 and earlier versions
  • ColdFusion 2023 - Update 1 and earlier versions


Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

Vulnerability Identifier


Related Link