Adobe ColdFusion 2023 Update 11

CPE Details

Adobe ColdFusion 2023 Update 11
adobe
coldfusion
2023
2025-02-19
11h36 +00:00
2025-02-19
11h36 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:adobe:coldfusion:2023:update11:*:*:*:*:*:*

Informations

Vendor

adobe

Product

coldfusion

Version

2023

Update

update11

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-53961 2024-12-23 20h11 +00:00 ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access files or directories that are outside of the restricted directory set by the application. This could lead to the disclosure of sensitive information or the manipulation of system data. Exploitation of this issue requires the admin panel be exposed to the internet.
9.8
Critical
CVE-2023-29301 2023-07-12 15h46 +00:00 Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the confidentiality of the user. Exploitation of this issue does not require user interaction.
7.5
High
CVE-2011-0733 2011-02-01 16h00 +00:00 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file.
4.3