Lucene search

K
cve[email protected]CVE-1999-0455
HistoryFeb 04, 2000 - 5:00 a.m.

CVE-1999-0455

2000-02-0405:00:00
web.nvd.nist.gov
28
20
cve-1999-0455
coldfusion
remote attack
server access
file deletion
nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.2%

The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.

Affected configurations

NVD
Node
allairecoldfusion_serverMatch4.0

Social References

More

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.2%

Related for CVE-1999-0455