CVE Vulnerabilities

CVE-2013-3350

Published: Jul 10, 2013 | Modified: Apr 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components (CFC) public methods via WebSockets.

Affected Software

Name Vendor Start Version End Version
Coldfusion Adobe 10.0 (including) 10.0 (including)
Coldfusion Adobe 10.0-update1 (including) 10.0-update1 (including)
Coldfusion Adobe 10.0-update2 (including) 10.0-update2 (including)
Coldfusion Adobe 10.0-update3 (including) 10.0-update3 (including)
Coldfusion Adobe 10.0-update4 (including) 10.0-update4 (including)
Coldfusion Adobe 10.0-update8 (including) 10.0-update8 (including)

References