Description
An important vulnerability (CVE-2010-0185) has been identified in ColdFusion 9.0, which could allow access to collections created by the Solr Service to be accessed from any external machine using a specific URL. By accessing the ColdFusion Solr collections, a user could search and index the information contained in the collections. Adobe has provided a solution to the reported vulnerability. It is recommended that users update their product installations using the instructions provided below.
Remediation
Disable external access to the Solr collections.
References
Related Vulnerabilities
WordPress Plugin Calendar Event Multi View Multiple SQL Injection Vulnerabilities (1.1.7)
Nginx Out-of-bounds Read Vulnerability (CVE-2022-38890)
osTicket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-15580)
WordPress Plugin Paytium:Mollie payment forms & donations Cross-Site Scripting (3.1.1)
WordPress Plugin Ultimate Addons for Elementor Security Bypass (1.24.1)