Escolha uma Página

[Overview]

Adobe ColdFusion is a dynamic web server, a rapid application development platform offered by Adobe Systems that contains advanced features for enterprise integration and internet application development.

[Vulnerability Details]

CVE-2017-11284: This vulnerability is caused by no input validation before the object in the RMI registry is deserialized. An unidentified attacker could exploit this vulnerability by sending maliciously crafted deserialized data to the target application. If this vulnerability is exploited, arbitrary code will be executed remotely on the system with the unwitting victim application’s permission.

Vulnerability Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11284

[Severity]

High-risk

[Impact]

  • Adobe ColdFusion(2016 release)update 4 and earlier
  • Adobe ColdFusion 11 update 12 and earlier

[Fix Suggestions]

  • Turn off port 1099 to prevent ColdFusion from communicating with untrusted networks
  • Upgrade to the latest version or an officially provided fix to prevent attacks

Official statement: https://helpx.adobe.com/security/products/coldfusion/apsb17-30.html

[Hillstone Networks Solution]

Hillstone Networks has added signatures to the signature database: Signature Library Version: 2.1.224. By deploying any Hillstone Networks solution with IPS function, Adobe ColdFusion deserialization vulnerability can be quickly detected and effectively blocked to prevent hackers from exploiting it.


Threat Events Detected by Hillstone Solutions


Vulnerability Detail Description

Hillstone Adds Botnet C&C Prevention to StoneOS

Vulnerability Notification: Microsoft Windows Shell Zip File Remote Code Execution

Vulnerability Notification: Cisco Adaptive Security Appliance Webvpn XML Parser Double Free

Announcing Enhancements to Hillstone Networks CloudView

Announcing the Hillstone Server Breach Detection System 2.1

Vulnerability Notification: Oracle WebLogic Server XmlAdapter Deserialization

Statement on Vulnerability: Hillstone Networks does not use Intel Processors in its NGFW

Hillstone Responds to Bad Rabbit Ransomware

Protections of NEW Variant of Petya Ransomware Using Hillstone Network’s Layered Security Solution