ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass . An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.
2023-09-07T13:15:07.160
2024-11-21T06:24:35.367
Modified
CVSSv3.1: 7.4 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | adobe | coldfusion | < 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2018 | Yes |
| Application | adobe | coldfusion | 2021 | Yes |