How severe is CVE-2018-15964?

CVE-2018-15964 has a severity rating of 7.5 (High).

Which versions of Adobe ColdFusion are affected by CVE-2018-15964?

Adobe ColdFusion versions 11.0 - 11.0-update14 and 2016 - 2016-update6 are affected by CVE-2018-15964.

How can CVE-2018-15964 be fixed?

To fix CVE-2018-15964, users should upgrade to the latest version of Adobe ColdFusion.

Where can I find more information about CVE-2018-15964?

More information about CVE-2018-15964 can be found on the Adobe ColdFusion Security Bulletin APSB18-33.

Vulnerability/
CVE-2018-15964

high

7.5

CWE

200

25/9/2018

4/9/2020

CVE-2018-15964: Infoleak

First published: Tue Sep 25 2018(Updated: )

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe ColdFusion	=11.0
Adobe ColdFusion	=11.0-update1
Adobe ColdFusion	=11.0-update10
Adobe ColdFusion	=11.0-update11
Adobe ColdFusion	=11.0-update12
Adobe ColdFusion	=11.0-update13
Adobe ColdFusion	=11.0-update14
Adobe ColdFusion	=11.0-update2
Adobe ColdFusion	=11.0-update3
Adobe ColdFusion	=11.0-update4
Adobe ColdFusion	=11.0-update5
Adobe ColdFusion	=11.0-update6
Adobe ColdFusion	=11.0-update7
Adobe ColdFusion	=11.0-update8
Adobe ColdFusion	=11.0-update9
Adobe ColdFusion	=2016
Adobe ColdFusion	=2016-update1
Adobe ColdFusion	=2016-update2
Adobe ColdFusion	=2016-update3
Adobe ColdFusion	=2016-update4
Adobe ColdFusion	=2016-update5
Adobe ColdFusion	=2016-update6
Adobe ColdFusion	=2018

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-15964?
CVE-2018-15964 is a vulnerability in Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier that allows for information disclosure.
How severe is CVE-2018-15964?
CVE-2018-15964 has a severity rating of 7.5 (High).
Which versions of Adobe ColdFusion are affected by CVE-2018-15964?
Adobe ColdFusion versions 11.0 - 11.0-update14 and 2016 - 2016-update6 are affected by CVE-2018-15964.
How can CVE-2018-15964 be fixed?
To fix CVE-2018-15964, users should upgrade to the latest version of Adobe ColdFusion.
Where can I find more information about CVE-2018-15964?
More information about CVE-2018-15964 can be found on the Adobe ColdFusion Security Bulletin APSB18-33.

collector/nvd-index
agent/references
agent/weakness
agent/severity
agent/author
agent/tags
agent/type
agent/description
agent/event
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
vendor/adobe
canonical/adobe coldfusion
version/adobe coldfusion/11.0
version/adobe coldfusion/11.0-update1
version/adobe coldfusion/11.0-update10
version/adobe coldfusion/11.0-update11
version/adobe coldfusion/11.0-update12
version/adobe coldfusion/11.0-update13
version/adobe coldfusion/11.0-update14
version/adobe coldfusion/11.0-update2
version/adobe coldfusion/11.0-update3
version/adobe coldfusion/11.0-update4
version/adobe coldfusion/11.0-update5
version/adobe coldfusion/11.0-update6
version/adobe coldfusion/11.0-update7
version/adobe coldfusion/11.0-update8
version/adobe coldfusion/11.0-update9
version/adobe coldfusion/2016
version/adobe coldfusion/2016-update1
version/adobe coldfusion/2016-update2
version/adobe coldfusion/2016-update3
version/adobe coldfusion/2016-update4
version/adobe coldfusion/2016-update5
version/adobe coldfusion/2016-update6
version/adobe coldfusion/2018

CVE-2018-15964: Infoleak

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-15964?

How severe is CVE-2018-15964?

Which versions of Adobe ColdFusion are affected by CVE-2018-15964?

How can CVE-2018-15964 be fixed?

Where can I find more information about CVE-2018-15964?

Company

Resources

Contact