What is the severity of CVE-2014-0572?

CVE-2014-0572 is classified as a medium-severity vulnerability that allows local users to bypass IP-based access restrictions.

How do I fix CVE-2014-0572?

To fix CVE-2014-0572, update Adobe ColdFusion to the latest version or apply the security updates that address this vulnerability.

Can CVE-2014-0572 be exploited remotely?

CVE-2014-0572 is a local vulnerability, meaning it requires local access to the system to exploit.

What types of attacks can be conducted due to CVE-2014-0572?

Due to CVE-2014-0572, local users could potentially gain unauthorized access to services restricted by IP-based controls.

Vulnerability/
CVE-2014-0572

medium

4.6

CWE

264

15/10/2014

6/8/2024

CVE-2014-0572

First published: Wed Oct 15 2014(Updated: )

Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows local users to bypass intended IP-based access restrictions via unspecified vectors.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe ColdFusion	=9.0
Adobe ColdFusion	=9.0-update_10
Adobe ColdFusion	=9.0-update_12
Adobe ColdFusion	=9.0.1
Adobe ColdFusion	=9.0.1-update_11
Adobe ColdFusion	=9.0.1-update_9
Adobe ColdFusion	=9.0.2
Adobe ColdFusion	=9.0.2-update_4
Adobe ColdFusion	=9.0.2-update_6
Adobe ColdFusion	=10.0
Adobe ColdFusion	=10.0-update1
Adobe ColdFusion	=10.0-update11
Adobe ColdFusion	=10.0-update12
Adobe ColdFusion	=10.0-update2
Adobe ColdFusion	=10.0-update3
Adobe ColdFusion	=10.0-update4
Adobe ColdFusion	=10.0-update8
Adobe ColdFusion	=11.0

Remedy

http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0572?
CVE-2014-0572 is classified as a medium-severity vulnerability that allows local users to bypass IP-based access restrictions.
How do I fix CVE-2014-0572?
To fix CVE-2014-0572, update Adobe ColdFusion to the latest version or apply the security updates that address this vulnerability.
What versions of Adobe ColdFusion are affected by CVE-2014-0572?
CVE-2014-0572 affects Adobe ColdFusion versions 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2.
Can CVE-2014-0572 be exploited remotely?
CVE-2014-0572 is a local vulnerability, meaning it requires local access to the system to exploit.
What types of attacks can be conducted due to CVE-2014-0572?
Due to CVE-2014-0572, local users could potentially gain unauthorized access to services restricted by IP-based controls.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/remedy
agent/weakness
agent/author
agent/tags
agent/description
agent/event
agent/first-publish-date
agent/source
vendor/adobe
canonical/adobe coldfusion
version/adobe coldfusion/9.0
version/adobe coldfusion/9.0-update_10
version/adobe coldfusion/9.0-update_12
version/adobe coldfusion/9.0.1
version/adobe coldfusion/9.0.1-update_11
version/adobe coldfusion/9.0.1-update_9
version/adobe coldfusion/9.0.2
version/adobe coldfusion/9.0.2-update_4
version/adobe coldfusion/9.0.2-update_6
version/adobe coldfusion/10.0
version/adobe coldfusion/10.0-update1
version/adobe coldfusion/10.0-update11
version/adobe coldfusion/10.0-update12
version/adobe coldfusion/10.0-update2
version/adobe coldfusion/10.0-update3
version/adobe coldfusion/10.0-update4
version/adobe coldfusion/10.0-update8
version/adobe coldfusion/11.0

Frequently Asked Questions

What is the severity of CVE-2014-0572?
CVE-2014-0572 is classified as a medium-severity vulnerability that allows local users to bypass IP-based access restrictions.
How do I fix CVE-2014-0572?
To fix CVE-2014-0572, update Adobe ColdFusion to the latest version or apply the security updates that address this vulnerability.
What versions of Adobe ColdFusion are affected by CVE-2014-0572?
CVE-2014-0572 affects Adobe ColdFusion versions 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2.
Can CVE-2014-0572 be exploited remotely?
CVE-2014-0572 is a local vulnerability, meaning it requires local access to the system to exploit.
What types of attacks can be conducted due to CVE-2014-0572?
Due to CVE-2014-0572, local users could potentially gain unauthorized access to services restricted by IP-based controls.

CVE-2014-0572

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0572?

How do I fix CVE-2014-0572?

What versions of Adobe ColdFusion are affected by CVE-2014-0572?

Can CVE-2014-0572 be exploited remotely?

What types of attacks can be conducted due to CVE-2014-0572?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-0572?

How do I fix CVE-2014-0572?

What versions of Adobe ColdFusion are affected by CVE-2014-0572?

Can CVE-2014-0572 be exploited remotely?

What types of attacks can be conducted due to CVE-2014-0572?