Coldfusion Security Vulnerabilities and Issues — Coldfusion CVE List

Lucene search

AdobeColdfusion

4 matches found

cve•added 2023/07/12 4:15 p.m.•475 views

CVE-2023-29298

Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC end...

7.5CVSS7.5AI score0.9431EPSS

In wild

cve•added 2023/07/12 4:15 p.m.•309 views

CVE-2023-29300

Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.

9.8CVSS9.4AI score0.92907EPSS

In wild

cve•added 2023/07/20 4:15 p.m.•290 views

CVE-2023-38203

Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.

9.8CVSS9.6AI score0.94264EPSS

In wild

cve•added 2023/07/12 4:15 p.m.•59 views

CVE-2023-29301

Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact ...

7.5CVSS7.5AI score0.00436EPSS