CyberSec.Space Logo
Back to CVE Browser

CVE-2013-0629

Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
EPSS Score50.6220%
EPSS Percentile96.40th
PublishedJan 9, 2013
Last ModifiedApr 21, 2026

Vulnerability Description

Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.

Affected Platforms (CPE)

πŸ“¦
Adobe

Coldfusion

= 9.0
πŸ“¦
Adobe

Coldfusion

= 9.0.1
πŸ“¦
Adobe

Coldfusion

= 9.0.2
πŸ“¦
Adobe

Coldfusion

= 10.0

References & Advisories

πŸ”— http://www.adobe.com/support/security/advisories/apsa13-01.html
πŸ”— http://www.adobe.com/support/security/bulletins/apsb13-03.html
πŸ”— http://www.securityfocus.com/bid/57165
πŸ”— http://www.adobe.com/support/security/advisories/apsa13-01.html
πŸ”— http://www.adobe.com/support/security/bulletins/apsb13-03.html
πŸ”— http://www.securityfocus.com/bid/57165
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0629

Related Vulnerabilities

CVE-2001-151410.0

ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly...

CVE-2010-529010.0

The authentication process in Adobe ColdFusion before 10 does not require knowledge of the cleartext password if the password hash...

CVE-1999-076010.0

Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional p...

CVE-2013-138910.0

Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, 9.0.1 before Update 10, 9.0.2 before Update 5, and 10 before U...