Vulnerability Details CVE-2008-1203
The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 does not log failed authentication attempts, which makes it easier for remote attackers to conduct brute force attacks without detection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.074
EPSS Ranking 91.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/29332
- http://www.adobe.com/support/security/bulletins/apsb08-08.html
- http://www.securityfocus.com/bid/28207
- http://www.securitytracker.com/id?1019600
- http://www.vupen.com/english/advisories/2008/0862/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41150
- http://secunia.com/advisories/29332
- http://www.adobe.com/support/security/bulletins/apsb08-08.html
- http://www.securityfocus.com/bid/28207
- http://www.securitytracker.com/id?1019600
- http://www.vupen.com/english/advisories/2008/0862/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41150
Products affected by CVE-2008-1203
-
cpe:2.3:a:adobe:coldfusion:7.0
-
cpe:2.3:a:adobe:coldfusion:8.0