Lucene search

K
nvd[email protected]NVD:CVE-2008-1203
HistoryMar 12, 2008 - 12:44 a.m.

CVE-2008-1203

2008-03-1200:44:00
web.nvd.nist.gov
6

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.02

Percentile

89.2%

The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 does not log failed authentication attempts, which makes it easier for remote attackers to conduct brute force attacks without detection.

Affected configurations

Nvd
Node
adobecoldfusionMatch7.0
OR
adobecoldfusionMatch8.0
VendorProductVersionCPE
adobecoldfusion7.0cpe:2.3:a:adobe:coldfusion:7.0:*:*:*:*:*:*:*
adobecoldfusion8.0cpe:2.3:a:adobe:coldfusion:8.0:*:*:*:*:*:*:*

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.02

Percentile

89.2%

Related for NVD:CVE-2008-1203