PT-2013-3126 · Adobe · Coldfusion

Published

2013-04-10

Updated

2020-09-04

CVE-2013-1388

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Adobe ColdFusion versions 9.0 through 9.0 before Update 10 Adobe ColdFusion version 9.0.1 through 9.0.1 before Update 9 Adobe ColdFusion version 9.0.2 through 9.0.2 before Update 4 Adobe ColdFusion version 10 through 10 before Update 9

Description The issue allows attackers to obtain administrator-console access. The exact vectors used for the attack are not specified.

Recommendations For Adobe ColdFusion versions 9.0 through 9.0 before Update 10, apply Update 10. For Adobe ColdFusion version 9.0.1 through 9.0.1 before Update 9, apply Update 9. For Adobe ColdFusion version 9.0.2 through 9.0.2 before Update 4, apply Update 4. For Adobe ColdFusion version 10 through 10 before Update 9, apply Update 9.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2013-1388

Affected Products

Coldfusion

PT-2013-3126 · Adobe · Coldfusion

CVE-2013-1388

Related Identifiers

Affected Products

References · 3