2 matches found
CVE-2020-10145
The Adobe ColdFusion installer fails to set a secure access-control list ACL on the default installation directory, such as C:\ColdFusion2021. By default, unprivileged users can create files in this directory structure, which creates a privilege-escalation vulnerability...
CVE-2020-10145
CVE-2020-10145 affects the Adobe ColdFusion installer on Windows, which fails to set a secure ACL on the default installation directory (e.g., C:\ColdFusion2021). This allows unprivileged users to place files in the ColdFusion install path, enabling privilege escalation. Exploitation details are ...