STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Adobe ColdFusion Security Technical Implementation Guide

V-279110

CAT II (Medium)

ColdFusion must have the Java Runtime Environment (JRE) updated to the latest version.

Rule ID

SV-279110r1171432_rule

STIG

Adobe ColdFusion Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000366

Discussion

The JRE is a critical component of the ColdFusion server, providing the necessary runtime environment for executing Java applications. Keeping the JRE updated to the latest version is essential for maintaining the security and stability of the server. Outdated versions of the JRE may contain vulnerabilities that can be exploited by attackers to gain unauthorized access, execute arbitrary code, or cause denial of service. Regularly updating the JRE ensures that the server is protected against known vulnerabilities and benefits from the latest security enhancements and performance improvements.

Check Content

Verify JRE.

1. From the Admin Console Landing Screen, navigate to the System Information page by clicking the "i" button on the right side of the top navbar.

2. Review the Java Version and verify it matches the latest version available.

If the version is not the latest, this is a finding.

Fix Text

Install the latest version of the supported JRE. 

1. From the Admin Console Landing Screen, navigate to Server Settings >> Java and JVM.

2. Change the "Java Virtual Machine Path" value to the folder with the latest JRE.

3. Select "Submit Changes".

4. Restart ColdFusion.