CVE-2013-1389HIGH
Description
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, 9.0.1 before Update 10, 9.0.2 before Update 5, and 10 before Update 10 allows remote attackers to execute arbitrary code via unknown vectors.
References
http://www.adobe.com/support/security/bulletins/apsb13-13.html
Details
Source: MITRE
Published: 2013-05-16
Updated: 2020-09-04
Type: NVD-CWE-noinfo
Risk Information
CVSS v2.0
Base Score: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 10
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:adobe:coldfusion:9.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:9.0:update_10:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:9.0.1:update_9:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:9.0.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:9.0.2:update_4:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:10.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:10.0:update1:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 66408 | Adobe ColdFusion Authentication Bypass (APSB13-13) (intrusive check) | Nessus | CGI abuses | critical |
| 66407 | Adobe ColdFusion Authentication Bypass (APSB13-13) | Nessus | CGI abuses | critical |