ColdFusion version 2021 update 1 (and previous versions) and versions 2018.10 (and previous versions) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe coldfusion 2018 |
||
adobe coldfusion 2021 |
||
adobe coldfusion |