ColdFusion RDS Service enabled

Description
  • ColdFusion RDS Service is enabled and publicly available to any IP address. The service is intended for development use only and must be protected with a strong password.
Remediation
  • Disable RDS Service in the ColdFusion Administrator.
References