Exploiting CVE-2017-11286 Six Years Later: XXE in ColdFusion via WDDX Packet

Introduction🎈🎂🎂🎂🎂🎂🎂🎈Six years ago today, on September 12, 2017, Adobe released APSB17-30.

From: Hoya Haxa - A Security Research Blog

Technical Details for CVE-2023-29301: Adobe ColdFusion Access Control Bypass for a CFAdmin Authentication Component

BackgroundIn this post I'll be walking though CVE-2023-29301, which is an access control bypass / password brute force vulnerability in Adobe ColdFusion that I reported to Adobe and was fixed on July 11, 2023 in Adobe Product Security Bulletin APSB23-40.

From: Hoya Haxa - A Security Research Blog

Technical Details for CVE-2023-29301: Adobe ColdFusion Access Control Bypass for a CFAdmin Authentication Component

BackgroundIn this post I'll be walking though CVE-2023-29301, which is an access control bypass / password brute force vulnerability in Adobe ColdFusion that I reported to Adobe and was fixed on July 11, 2023 in Adobe Product Security Bulletin APSB23-40.

From: Hoya Haxa - A Security Research Blog

Technical Details for CVE-2023-29301: Adobe ColdFusion Access Control Bypass for a CFAdmin Authentication Component

BackgroundIn this post I'll be walking though CVE-2023-29301, which is an access control bypass / password brute force vulnerability in Adobe ColdFusion that I reported to Adobe and was fixed on July 11, 2023 in Adobe Product Security Bulletin APSB23-40.

From: Hoya Haxa - A Security Research Blog

cfscript cf*() functions are Custom Tags

I found an interesting discussion between the community and Adobe today regarding early cfscript functionality for tags.

From: Chris Tierney

cfscript cf*() functions are Custom Tags

I found an interesting discussion between the community and Adobe today regarding early cfscript functionality for tags.

From: Chris Tierney

cfscript cf*() functions are Custom Tags

I found an interesting discussion between the community and Adobe today regarding early cfscript functionality for tags.

From: Chris Tierney

Simpler Bootstrap accordions

Vertically collapsing accordion UI components are simple to implement these days using native HTML.

From: cfSimplicity

Simpler Bootstrap accordions

Vertically collapsing accordion UI components are simple to implement these days using native HTML.

From: cfSimplicity

Simpler Bootstrap accordions

Vertically collapsing accordion UI components are simple to implement these days using native HTML.

From: cfSimplicity

On ColdFusion, AES, and Padding Oracle Attacks: Hic Sunt Dracones

TL; DR: If you use AES-CBC (or another block cipher operating in CBC mode) to decrypt user-controlled ciphertext, validate the ciphertext with an HMAC or similar integrity check prior to decryption to avoid Padding Oracle vulnerabilities.

From: Hoya Haxa - A Security Research Blog

On ColdFusion, AES, and Padding Oracle Attacks: Hic Sunt Dracones

TL; DR: If you use AES-CBC (or another block cipher operating in CBC mode) to decrypt user-controlled ciphertext, validate the ciphertext with an HMAC or similar integrity check prior to decryption to avoid Padding Oracle vulnerabilities.

From: Hoya Haxa - A Security Research Blog

On ColdFusion, AES, and Padding Oracle Attacks: Hic Sunt Dracones

TL; DR: If you use AES-CBC (or another block cipher operating in CBC mode) to decrypt user-controlled ciphertext, validate the ciphertext with an HMAC or similar integrity check prior to decryption to avoid Padding Oracle vulnerabilities.

From: Hoya Haxa - A Security Research Blog

Adobe ColdFusion Log Verboseness

Server logs in ColdFusion are a must-have resource to help you tune, monitor, and troubleshoot your servers.

From: Chris Tierney

Adobe ColdFusion Log Verboseness

Server logs in ColdFusion are a must-have resource to help you tune, monitor, and troubleshoot your servers.

From: Chris Tierney

Adobe ColdFusion Log Verboseness

Server logs in ColdFusion are a must-have resource to help you tune, monitor, and troubleshoot your servers.

From: Chris Tierney

FortiGate 80F to Unifi Security Gateway Pro 4 IPSec Tunnel Issues

I have recently replaced an older Cisco ASA 5550 with a FortiGate 80F.

From: Chris Tierney

FortiGate 80F to Unifi Security Gateway Pro 4 IPSec Tunnel Issues

I have recently replaced an older Cisco ASA 5550 with a FortiGate 80F.

From: Chris Tierney

FortiGate 80F to Unifi Security Gateway Pro 4 IPSec Tunnel Issues

I have recently replaced an older Cisco ASA 5550 with a FortiGate 80F.

From: Chris Tierney

Why You Don't Want To Use CFMX_COMPAT Encryption

This is the first of what may be a couple of posts about my presentation from ColdFusion Summit East 2023, which was held in April in Washington, DC.

From: Hoya Haxa - A Security Research Blog

Why You Don't Want To Use CFMX_COMPAT Encryption

This is the first of what may be a couple of posts about my presentation from ColdFusion Summit East 2023, which was held in April in Washington, DC.

From: Hoya Haxa - A Security Research Blog

Why You Don't Want To Use CFMX_COMPAT Encryption

This is the first of what may be a couple of posts about my presentation from ColdFusion Summit East 2023, which was held in April in Washington, DC.

From: Hoya Haxa - A Security Research Blog

Copying AWS EC2 Tags to EBS Using PowerShell

These days when creating an EC2 instance in the AWS console UI, by default, the tags are duplicated across Elastic Block Service (EBS) and Elastic Network Interface (ENI) attached resources being created.

From: Chris Tierney

Copying AWS EC2 Tags to EBS Using PowerShell

These days when creating an EC2 instance in the AWS console UI, by default, the tags are duplicated across Elastic Block Service (EBS) and Elastic Network Interface (ENI) attached resources being created.

From: Chris Tierney

Copying AWS EC2 Tags to EBS Using PowerShell

These days when creating an EC2 instance in the AWS console UI, by default, the tags are duplicated across Elastic Block Service (EBS) and Elastic Network Interface (ENI) attached resources being created.

From: Chris Tierney