DataBank Establishes $725M Financing Facility to Support Growth. Read the press release.

ColdFusion CVE-2019-7816

ColdFusion CVE-2019-7816

On March 1, 2019, Adobe released patch advisory APSB19-14 for all currently maintained and supported versions of ColdFusion (ColdFusion 11, ColdFusion 2016, and ColdFusion 2018).  The critical patch addresses an issue allowing an attacker to upload a malicious file to a server by bypassing any file restrictions and then executing the attack via an HTTP request.  This is actively being exploited in the wild.

Is my instance of ColdFusion affected?

Any server that is running ColdFusion 11, ColdFusion 2016, or ColdFusion 2018 is affected and should be patched immediately.

What about older versions of ColdFusion?

Older versions of ColdFusion are considered end-of-life and are not being patched by Adobe.  If you are running an older version of ColdFusion, you should upgrade to a supported version.

How do I update ColdFusion?

The easiest way to update ColdFusion is to log into each CF Admin instance and navigate to Updates.  From there, check for updates and apply the patches that are available.  Once done, restart the ColdFusion services.  Specifically, ColdFusion 11 Update 18, ColdFusion 2016 Update 10, and ColdFusion 2018 Update 3 are the patches that address this critical vulnerability.

What if I need assistance in patching ColdFusion?

As always, our engineers can assist you.  Please open a ticket via the customer portal and we would be happy to assist.

Share Article


Discover the DataBank Difference

Discover the DataBank Difference

Explore the eight critical factors that define our Data Center Evolved approach and set us apart from other providers.
Download Now
Get Started

Get Started

Discover the DataBank Difference today:
Hybrid infrastructure solutions with boundless edge reach and a human touch.

Get A Quote

Request a Quote

Tell us about your infrastructure requirements and how to reach you, and one of the team members will be in touch.

Schedule a Tour

Tour Our Facilities

Let us know which data center you’d like to visit and how to reach you, and one of the team members will be in touch shortly.