CVE-2019-7816

Description

ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

4.339

Associated Vulnerability

Vulnerability	OS Platform
Multiple Vulnerabilities are affected in Coldfusion 10 2018	Windows
Multiple Vulnerabilities are affected in Coldfusion 11 2018	Windows
Multiple Vulnerabilities are affected in Coldfusion 9 2018	Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234