Critical severity9.8CISA KEVNVD Advisory· Published Jan 9, 2013· Updated Jun 16, 2026
CVE-2013-0625
CVE-2013-0625
Description
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:adobe:coldfusion:9.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:adobe:coldfusion:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:coldfusion:9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:coldfusion:9.0.2:*:*:*:*:*:*:*
- (no CPE)range: 9.0, 9.0.1, 9.0.2
Patches
Vulnerability mechanics
References
4- www.adobe.com/support/security/advisories/apsa13-01.htmlnvdVendor Advisory
- www.securityfocus.com/bid/57164nvdBroken LinkThird Party AdvisoryVDB Entry
- www.adobe.com/support/security/bulletins/apsb13-03.htmlnvdNot Applicable
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.