CVE-2025-43565

High CVSS: 8.4

ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect Authorization vulnerability that could lead to arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security protections and execute code. Exploitation of this issue requires user interaction and scope is changed.

Vendor

Adobe

Product

Coldfusion

CWE

CWE-863

Yayın Tarihi

2025-05-13 21:16:16

Güncelleme

2025-05-19 20:40:07

Source Identifier

psirt@adobe.com

KEV Date Added

Kategoriler

CWE-863 Coldfusion HIGH Adobe 2025

Referanslar

https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html

Benzer Kayıtlar

High

CVE-2026-27309

Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbi…

High

CVE-2026-21361

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a…

Medium

CVE-2026-21360

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an…

Medium

CVE-2026-21359

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an…

High

CVE-2026-21311

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a…

Medium

CVE-2026-21310

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an…