Description
ColdFusion RDS Service is enabled and publicly available to any IP address. The service is intended for development use only and must be protected with a strong password.
Remediation
Disable RDS Service in the ColdFusion Administrator.
References
Related Vulnerabilities
Python Debugger Unauthorized Access Vulnerability
XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-34466)
[Possible] Internal Path Disclosure (Windows)
WordPress Plugin HTML5 MP3 Player with Playlist Free Information Disclosure (2.6)
Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes