CVE-2018-15961

Known Exploited (CISA KEV)CRITICAL

9.8

CVSS Severity Score

EPSS Score36.8460%

EPSS Percentile92.84th

Published2018年9月25日

Last Modified2025年10月23日

Vulnerability Description

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.

Affected Platforms (CPE)

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2018

References & Advisories

🔗 http://www.securityfocus.com/bid/105314

🔗 http://www.securitytracker.com/id/1041621

🔗 https://helpx.adobe.com/security/products/coldfusion/apsb18-33.html

🔗 https://www.exploit-db.com/exploits/45979/

🔗 http://www.securityfocus.com/bid/105314

🔗 http://www.securitytracker.com/id/1041621

🔗 https://helpx.adobe.com/security/products/coldfusion/apsb18-33.html

🔗 https://www.exploit-db.com/exploits/45979/

Vulnerability Description

Affected Platforms (CPE)

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

References & Advisories

関連する脆弱性情報