Home
HIGH: 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:NDefault status
affected
Any version
affected
11 (semver)
unaffected
Default status
affected
Any version
affected
22 (semver)
unaffected
Description
ColdFusion is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction. Scope is changed.
Problem types
Improper Input Validation (CWE-20)
Product status
Any version
11 (semver)
Any version
22 (semver)
References
helpx.adobe.com/security/products/coldfusion/apsb26-82.html