CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-3794

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.141

EPSS Ranking 93.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html
https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html

Products affected by CVE-2020-3794

Adobe » Coldfusion » Version: 2016

cpe:2.3:a:adobe:coldfusion:2016
Adobe » Coldfusion » Version: 2018

cpe:2.3:a:adobe:coldfusion:2018

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3794

Products

Pricing

Contact Us