Описание
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.
Ссылки
- Vendor Advisory
- Not Applicable
- Broken LinkThird Party AdvisoryVDB Entry
- Vendor Advisory
- Not Applicable
- Broken LinkThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:adobe:coldfusion:9.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:9.0.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:10.0:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.80909
Высокий
7.5 High
CVSS3
4.3 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.
EPSS
Процентиль: 99%
0.80909
Высокий
7.5 High
CVSS3
4.3 Medium
CVSS2
Дефекты
NVD-CWE-noinfo