Vulnerability Details CVE-2022-38420
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interaction.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.098
EPSS Ranking 92.6%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-38420
-
cpe:2.3:a:adobe:coldfusion:2018
-
cpe:2.3:a:adobe:coldfusion:2021