Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2019-8072

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Security bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

  • Published: Sep 27, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-8072
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
adobe / coldfusion 2018 2018.x
adobe / coldfusion 2016 2016.x
adobe / coldfusion 2016-update1 2016-update1.x
adobe / coldfusion 2016-update10 2016-update10.x
adobe / coldfusion 2016-update11 2016-update11.x
adobe / coldfusion 2016-update2 2016-update2.x
adobe / coldfusion 2016-update3 2016-update3.x
adobe / coldfusion 2016-update4 2016-update4.x
adobe / coldfusion 2016-update5 2016-update5.x
adobe / coldfusion 2016-update6 2016-update6.x
adobe / coldfusion 2016-update7 2016-update7.x
adobe / coldfusion 2016-update8 2016-update8.x
adobe / coldfusion 2016-update9 2016-update9.x
adobe / coldfusion 2018-update1 2018-update1.x
adobe / coldfusion 2018-update2 2018-update2.x
adobe / coldfusion 2018-update3 2018-update3.x
adobe / coldfusion 2018-update4 2018-update4.x