CVE-2019-8072 | Vulnerability Database | Aqua Security

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Security bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

Affected Software

Name	Vendor	Start Version	End Version
Coldfusion	Adobe	2016 (including)	2016 (including)
Coldfusion	Adobe	2016-update1 (including)	2016-update1 (including)
Coldfusion	Adobe	2016-update10 (including)	2016-update10 (including)
Coldfusion	Adobe	2016-update11 (including)	2016-update11 (including)
Coldfusion	Adobe	2016-update2 (including)	2016-update2 (including)
Coldfusion	Adobe	2016-update3 (including)	2016-update3 (including)
Coldfusion	Adobe	2016-update4 (including)	2016-update4 (including)
Coldfusion	Adobe	2016-update5 (including)	2016-update5 (including)
Coldfusion	Adobe	2016-update6 (including)	2016-update6 (including)
Coldfusion	Adobe	2016-update7 (including)	2016-update7 (including)
Coldfusion	Adobe	2016-update8 (including)	2016-update8 (including)
Coldfusion	Adobe	2016-update9 (including)	2016-update9 (including)
Coldfusion	Adobe	2018 (including)	2018 (including)
Coldfusion	Adobe	2018-update1 (including)	2018-update1 (including)
Coldfusion	Adobe	2018-update2 (including)	2018-update2 (including)
Coldfusion	Adobe	2018-update3 (including)	2018-update3 (including)
Coldfusion	Adobe	2018-update4 (including)	2018-update4 (including)

References

https://helpx.adobe.com/security/products/coldfusion/apsb19-47.html

NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-8072
CWE	https://cwe.mitre.org/data/definitions/.html