Adobe ColdFusion 2023 Update 10

CPE Details

Adobe ColdFusion 2023 Update 10
adobe
coldfusion
2023
2025-02-19
11h36 +00:00
2025-02-19
11h36 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:adobe:coldfusion:2023:update10:*:*:*:*:*:*

Informations

Vendor

adobe

Product

coldfusion

Version

2023

Update

update10

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-53961 2024-12-23 20h11 +00:00 ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access files or directories that are outside of the restricted directory set by the application. This could lead to the disclosure of sensitive information or the manipulation of system data. Exploitation of this issue requires the admin panel be exposed to the internet.
9.8
Critique
CVE-2023-29301 2023-07-12 15h46 +00:00 Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the confidentiality of the user. Exploitation of this issue does not require user interaction.
7.5
Haute
CVE-2011-0733 2011-02-01 16h00 +00:00 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file.
4.3