Lucene search
HistorySep 20, 2013 - 4:55 p.m.
CVE-2010-5290
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
Low
EPSS
0.968
Percentile
99.7%
The authentication process in Adobe ColdFusion before 10 does not require knowledge of the cleartext password if the password hash is known, which makes it easier for context-dependent attackers to obtain administrative privileges by leveraging read access to the configuration file, a different vulnerability than CVE-2010-2861.
Affected configurations
Node
adobecoldfusionRange≤9.0.2
ORadobecoldfusionMatch9.0
ORadobecoldfusionMatch9.0.1
Related
prion
prion
Design/Logic Flaw
2013-09-20 16:55:00
Directory traversal
2010-08-11 18:47:00
cvelist
cvelist
CVE-2010-5290
2013-09-20 16:00:00
CVE-2010-2861
2010-08-11 18:00:00
cve
cve
CVE-2010-5290
2013-09-20 16:55:03
CVE-2010-2861
2010-08-11 18:47:51
nuclei
nuclei
Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI
2021-03-01 04:26:27
securityvulns
securityvulns
metasploit
metasploit
ColdFusion Server Check
2010-09-01 01:57:22
seebug
seebug
Adobe ColdFusion <=8.0 - Directory Traversal Vulnerability (CVE-2010-2861)
2014-07-01 00:00:00
Adobe ColdFusion Directory Traversal Vulnerability
2010-09-30 00:00:00
attackerkb
attackerkb
CVE-2010-2861
2010-08-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe ColdFusion Directory Traversal (APSB10-18; CVE-2010-2861)
2010-09-05 00:00:00
cisa_kev
cisa_kev
Adobe ColdFusion Directory Traversal Vulnerability
2022-03-25 00:00:00
exploitpack
exploitpack
Adobe ColdFusion - Directory Traversal
2010-08-14 00:00:00
packetstorm
packetstorm
Adobe ColdFusion - Directory Traversal
2011-03-16 00:00:00
Adobe ColdFusion Directory Traversal
2010-08-17 00:00:00
ColdFusion Server Check
2024-09-01 00:00:00
nvd
nvd
CVE-2010-2861
2010-08-11 18:47:51
canvas
canvas
Immunity Canvas: CF_DIRECTORY_TRAVERSAL
2010-08-11 18:47:00
openvas
openvas
Adobe ColdFusion Directory Traversal Vulnerability (APSB10-18)
2010-09-02 00:00:00
Adobe ColdFusion Directory Traversal Vulnerability
2010-09-02 00:00:00
nessus
nessus
Adobe ColdFusion 'locale' Parameter Directory Traversal
2010-08-16 00:00:00
exploitdb
exploitdb
Adobe ColdFusion - Directory Traversal
2010-08-14 00:00:00
Adobe ColdFusion - Directory Traversal (Metasploit)
2011-03-16 00:00:00
thn
thn
Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug
2021-09-21 12:27:00
threatpost
threatpost
12 New Flaws Used in Ransomware Attacks in Q3
2021-11-09 18:06:33
nmap
nmap
http-vuln-cve2010-2861 NSE Script
2012-02-19 14:40:01
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
Low
EPSS
0.968
Percentile
99.7%
Related for NVD:CVE-2010-5290