VYPR
Unrated severityNVD Advisory· Published Sep 7, 2023· Updated Sep 4, 2024

ColdFusion Use of Inherently Dangerous Function Leads To Security feature bypass

CVE-2021-40698

Description

ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass  . An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.

Affected products

2
  • Adobe Inc./Coldfusionllm-fuzzy2 versions
    <=2021 update 1, <=2018.10+ 1 more
    • (no CPE)range: <=2021 update 1, <=2018.10
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.