Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows local users to bypass intended IP-based access restrictions via unspecified vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Coldfusion | Adobe | 9.0 (including) | 9.0 (including) |
| Coldfusion | Adobe | 9.0-update_10 (including) | 9.0-update_10 (including) |
| Coldfusion | Adobe | 9.0-update_12 (including) | 9.0-update_12 (including) |
| Coldfusion | Adobe | 9.0.1 (including) | 9.0.1 (including) |
| Coldfusion | Adobe | 9.0.1-update_11 (including) | 9.0.1-update_11 (including) |
| Coldfusion | Adobe | 9.0.1-update_9 (including) | 9.0.1-update_9 (including) |
| Coldfusion | Adobe | 9.0.2 (including) | 9.0.2 (including) |
| Coldfusion | Adobe | 9.0.2-update_4 (including) | 9.0.2-update_4 (including) |
| Coldfusion | Adobe | 9.0.2-update_6 (including) | 9.0.2-update_6 (including) |
| Coldfusion | Adobe | 10.0 (including) | 10.0 (including) |
| Coldfusion | Adobe | 10.0-update1 (including) | 10.0-update1 (including) |
| Coldfusion | Adobe | 10.0-update11 (including) | 10.0-update11 (including) |
| Coldfusion | Adobe | 10.0-update12 (including) | 10.0-update12 (including) |
| Coldfusion | Adobe | 10.0-update2 (including) | 10.0-update2 (including) |
| Coldfusion | Adobe | 10.0-update3 (including) | 10.0-update3 (including) |
| Coldfusion | Adobe | 10.0-update4 (including) | 10.0-update4 (including) |
| Coldfusion | Adobe | 10.0-update8 (including) | 10.0-update8 (including) |
| Coldfusion | Adobe | 11.0 (including) | 11.0 (including) |