Description

An important vulnerability (CVE-2010-0185) has been identified in ColdFusion 9.0, which could allow access to collections created by the Solr Service to be accessed from any external machine using a specific URL. By accessing the ColdFusion Solr collections, a user could search and index the information contained in the collections. Adobe has provided a solution to the reported vulnerability. It is recommended that users update their product installations using the instructions provided below.

Remediation

Disable external access to the Solr collections.

References

Related Vulnerabilities

Severity

High

Classification

CVE-2010-0185 CWE-264

Tags

Missing Update