Описание
The default configuration of Adobe ColdFusion 9.0 does not restrict access to collections that have been created by the Solr Service, which allows remote attackers to obtain collection metadata, search information, and index data via a request to an unspecified URL.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:adobe:coldfusion:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01646
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The default configuration of Adobe ColdFusion 9.0 does not restrict access to collections that have been created by the Solr Service, which allows remote attackers to obtain collection metadata, search information, and index data via a request to an unspecified URL.
EPSS
Процентиль: 82%
0.01646
Низкий
5 Medium
CVSS2
Дефекты
CWE-264