Lucene search
HistoryOct 15, 2014 - 10:55 a.m.
CVE-2014-0571
cve
2014
0571
cross-site scripting
xss
adobe
coldfusion
vulnerability
update
remote attackers
web script
html
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.021 Low
EPSS
Percentile
89.3%
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
adobecoldfusionMatch9.0
ORadobecoldfusionMatch9.0update_10
ORadobecoldfusionMatch9.0update_12
ORadobecoldfusionMatch9.0.1
ORadobecoldfusionMatch9.0.1update_11
ORadobecoldfusionMatch9.0.1update_9
ORadobecoldfusionMatch9.0.2
ORadobecoldfusionMatch9.0.2update_4
ORadobecoldfusionMatch9.0.2update_6
ORadobecoldfusionMatch10.0
ORadobecoldfusionMatch10.0update1
ORadobecoldfusionMatch10.0update11
ORadobecoldfusionMatch10.0update12
ORadobecoldfusionMatch10.0update2
ORadobecoldfusionMatch10.0update3
ORadobecoldfusionMatch10.0update4
ORadobecoldfusionMatch10.0update8
ORadobecoldfusionMatch11.0
Related
prion
prion
Cross site scripting
2014-10-15 10:55:00
nvd
nvd
CVE-2014-0571
2014-10-15 10:55:06
cvelist
cvelist
CVE-2014-0571
2014-10-15 10:00:00
nessus
nessus
Adobe ColdFusion Multiple Vulnerabilities (APSB14-23) (credentialed check)
2014-10-15 00:00:00
threatpost
threatpost
Fixes for IE, Flash Player in October Patch Tuesday Release
2014-10-14 15:02:06
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.021 Low
EPSS
Percentile
89.3%
Related for CVE-2014-0571