CVE Vulnerabilities

CVE-2013-0625

Published: Jan 09, 2013 | Modified: Jan 18, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.

Affected Software

Name Vendor Start Version End Version
Coldfusion Adobe 9.0.2 9.0.2
Coldfusion Adobe 9.0 9.0
Coldfusion Adobe 10.0 10.0
Coldfusion Adobe 9.0.1 9.0.1

References