Lucene search

K
AdobeColdfusion

5 matches found

CVE
CVE
added 2023/09/14 8:15 a.m.1778 views

CVE-2023-38205

Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. E...

7.5CVSS7.5AI score0.9431EPSS
CVE
CVE
added 2023/09/14 8:15 a.m.98 views

CVE-2023-38206

Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints re...

5.3CVSS5.5AI score0.0014EPSS
CVE
CVE
added 2023/09/14 8:15 a.m.85 views

CVE-2023-38204

Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.

9.8CVSS9.6AI score0.94264EPSS
CVE
CVE
added 2023/09/07 1:15 p.m.51 views

CVE-2021-40699

ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environm...

7.4CVSS7.1AI score0.00162EPSS
CVE
CVE
added 2023/09/07 1:15 p.m.39 views

CVE-2021-40698

ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass . An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on...

7.4CVSS7.2AI score0.00122EPSS