Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.
2020-07-17T00:15:11.917
2025-05-05T17:16:04.560
Modified
CVSSv3.1: 7.8 (HIGH)
AV:L/AC:M/Au:N/C:P/I:P/A:P
3.4
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2016 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |