Vulnerability Details CVE-2023-44355
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to impact a minor integrity feature. Exploitation of this issue does require user interaction.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.8%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2023-44355
-
cpe:2.3:a:adobe:coldfusion:-
-
cpe:2.3:a:adobe:coldfusion:10.0
-
cpe:2.3:a:adobe:coldfusion:11.0
-
cpe:2.3:a:adobe:coldfusion:2016
-
cpe:2.3:a:adobe:coldfusion:2018
-
cpe:2.3:a:adobe:coldfusion:2018.0.0
-
cpe:2.3:a:adobe:coldfusion:2018.0.0.310739
-
cpe:2.3:a:adobe:coldfusion:2021
-
cpe:2.3:a:adobe:coldfusion:2023
-
cpe:2.3:a:adobe:coldfusion:6.0
-
cpe:2.3:a:adobe:coldfusion:6.1
-
cpe:2.3:a:adobe:coldfusion:7.0
-
cpe:2.3:a:adobe:coldfusion:7.0.1
-
cpe:2.3:a:adobe:coldfusion:7.0.2
-
cpe:2.3:a:adobe:coldfusion:7.2
-
cpe:2.3:a:adobe:coldfusion:8.0
-
cpe:2.3:a:adobe:coldfusion:8.0.1
-
cpe:2.3:a:adobe:coldfusion:9.0
-
cpe:2.3:a:adobe:coldfusion:9.0.1
-
cpe:2.3:a:adobe:coldfusion:9.0.2