What is the severity of CVE-2018-4938?

CVE-2018-4938 has a high severity rating due to its potential for local privilege escalation.

How do I fix CVE-2018-4938?

To fix CVE-2018-4938, users should update Adobe ColdFusion to the latest version or apply the necessary security patches provided by Adobe.

What causes CVE-2018-4938?

CVE-2018-4938 is caused by an insecure library loading mechanism that allows unauthorized access to privileged functions.

Which versions of Adobe ColdFusion are affected by CVE-2018-4938?

Adobe ColdFusion versions 11.0 and earlier, including all updates up to and including Update 5, are affected by CVE-2018-4938.

What potential impact could CVE-2018-4938 have?

The exploitation of CVE-2018-4938 could allow an attacker to gain elevated privileges on the affected system, compromising its security.

Vulnerability/
CVE-2018-4938

high

7.8

CWE

427

19/5/2018

5/8/2024

CVE-2018-4938

First published: Sat May 19 2018(Updated: )

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe ColdFusion	=11.0
Adobe ColdFusion	=11.0-update1
Adobe ColdFusion	=11.0-update10
Adobe ColdFusion	=11.0-update11
Adobe ColdFusion	=11.0-update12
Adobe ColdFusion	=11.0-update13
Adobe ColdFusion	=11.0-update2
Adobe ColdFusion	=11.0-update3
Adobe ColdFusion	=11.0-update4
Adobe ColdFusion	=11.0-update5
Adobe ColdFusion	=11.0-update6
Adobe ColdFusion	=11.0-update7
Adobe ColdFusion	=11.0-update8
Adobe ColdFusion	=11.0-update9
Adobe ColdFusion	=2016
Adobe ColdFusion	=2016-update1
Adobe ColdFusion	=2016-update2
Adobe ColdFusion	=2016-update3
Adobe ColdFusion	=2016-update4
Adobe ColdFusion	=2016-update5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-4938?
CVE-2018-4938 has a high severity rating due to its potential for local privilege escalation.
How do I fix CVE-2018-4938?
To fix CVE-2018-4938, users should update Adobe ColdFusion to the latest version or apply the necessary security patches provided by Adobe.
What causes CVE-2018-4938?
CVE-2018-4938 is caused by an insecure library loading mechanism that allows unauthorized access to privileged functions.
Which versions of Adobe ColdFusion are affected by CVE-2018-4938?
Adobe ColdFusion versions 11.0 and earlier, including all updates up to and including Update 5, are affected by CVE-2018-4938.
What potential impact could CVE-2018-4938 have?
The exploitation of CVE-2018-4938 could allow an attacker to gain elevated privileges on the affected system, compromising its security.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/last-modified-date
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/adobe coldfusion
version/adobe coldfusion/11.0
version/adobe coldfusion/11.0-update1
version/adobe coldfusion/11.0-update10
version/adobe coldfusion/11.0-update11
version/adobe coldfusion/11.0-update12
version/adobe coldfusion/11.0-update13
version/adobe coldfusion/11.0-update2
version/adobe coldfusion/11.0-update3
version/adobe coldfusion/11.0-update4
version/adobe coldfusion/11.0-update5
version/adobe coldfusion/11.0-update6
version/adobe coldfusion/11.0-update7
version/adobe coldfusion/11.0-update8
version/adobe coldfusion/11.0-update9
version/adobe coldfusion/2016
version/adobe coldfusion/2016-update1
version/adobe coldfusion/2016-update2
version/adobe coldfusion/2016-update3
version/adobe coldfusion/2016-update4
version/adobe coldfusion/2016-update5