ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could result in limited unauthorized write access. An attacker could leverage this vulnerability to gain unauthorized access by exploiting improperly stored or transmitted credentials. Exploitation of this issue does not require user interaction.
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Coldfusion | Adobe | 2021 (including) | 2021 (including) |
| Coldfusion | Adobe | 2021-update1 (including) | 2021-update1 (including) |
| Coldfusion | Adobe | 2021-update10 (including) | 2021-update10 (including) |
| Coldfusion | Adobe | 2021-update11 (including) | 2021-update11 (including) |
| Coldfusion | Adobe | 2021-update12 (including) | 2021-update12 (including) |
| Coldfusion | Adobe | 2021-update13 (including) | 2021-update13 (including) |
| Coldfusion | Adobe | 2021-update14 (including) | 2021-update14 (including) |
| Coldfusion | Adobe | 2021-update15 (including) | 2021-update15 (including) |
| Coldfusion | Adobe | 2021-update16 (including) | 2021-update16 (including) |
| Coldfusion | Adobe | 2021-update17 (including) | 2021-update17 (including) |
| Coldfusion | Adobe | 2021-update18 (including) | 2021-update18 (including) |
| Coldfusion | Adobe | 2021-update19 (including) | 2021-update19 (including) |
| Coldfusion | Adobe | 2021-update2 (including) | 2021-update2 (including) |
| Coldfusion | Adobe | 2021-update20 (including) | 2021-update20 (including) |
| Coldfusion | Adobe | 2021-update21 (including) | 2021-update21 (including) |
| Coldfusion | Adobe | 2021-update22 (including) | 2021-update22 (including) |
| Coldfusion | Adobe | 2021-update3 (including) | 2021-update3 (including) |
| Coldfusion | Adobe | 2021-update4 (including) | 2021-update4 (including) |
| Coldfusion | Adobe | 2021-update5 (including) | 2021-update5 (including) |
| Coldfusion | Adobe | 2021-update6 (including) | 2021-update6 (including) |
| Coldfusion | Adobe | 2021-update7 (including) | 2021-update7 (including) |
| Coldfusion | Adobe | 2021-update8 (including) | 2021-update8 (including) |
| Coldfusion | Adobe | 2021-update9 (including) | 2021-update9 (including) |
| Coldfusion | Adobe | 2023 (including) | 2023 (including) |
| Coldfusion | Adobe | 2023-update1 (including) | 2023-update1 (including) |
| Coldfusion | Adobe | 2023-update10 (including) | 2023-update10 (including) |
| Coldfusion | Adobe | 2023-update11 (including) | 2023-update11 (including) |
| Coldfusion | Adobe | 2023-update12 (including) | 2023-update12 (including) |
| Coldfusion | Adobe | 2023-update13 (including) | 2023-update13 (including) |
| Coldfusion | Adobe | 2023-update14 (including) | 2023-update14 (including) |
| Coldfusion | Adobe | 2023-update15 (including) | 2023-update15 (including) |
| Coldfusion | Adobe | 2023-update16 (including) | 2023-update16 (including) |
| Coldfusion | Adobe | 2023-update2 (including) | 2023-update2 (including) |
| Coldfusion | Adobe | 2023-update3 (including) | 2023-update3 (including) |
| Coldfusion | Adobe | 2023-update4 (including) | 2023-update4 (including) |
| Coldfusion | Adobe | 2023-update5 (including) | 2023-update5 (including) |
| Coldfusion | Adobe | 2023-update6 (including) | 2023-update6 (including) |
| Coldfusion | Adobe | 2023-update7 (including) | 2023-update7 (including) |
| Coldfusion | Adobe | 2023-update8 (including) | 2023-update8 (including) |
| Coldfusion | Adobe | 2023-update9 (including) | 2023-update9 (including) |
| Coldfusion | Adobe | 2025 (including) | 2025 (including) |
| Coldfusion | Adobe | 2025-update1 (including) | 2025-update1 (including) |
| Coldfusion | Adobe | 2025-update2 (including) | 2025-update2 (including) |
| Coldfusion | Adobe | 2025-update3 (including) | 2025-update3 (including) |
| Coldfusion | Adobe | 2025-update4 (including) | 2025-update4 (including) |