What is CVE-2019-7816?

CVE-2019-7816 is a vulnerability in ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier, which allows for file upload restriction bypass and could lead to arbitrary code execution.

How severe is CVE-2019-7816?

CVE-2019-7816 has a severity rating of 9.8 out of 10, which is classified as critical.

Which versions of ColdFusion are affected by CVE-2019-7816?

CVE-2019-7816 affects ColdFusion versions 11.0, 2016, and 2018 (including various updates for each version).

How can CVE-2019-7816 be exploited?

Successful exploitation of CVE-2019-7816 could lead to arbitrary code execution.

Where can I find more information about CVE-2019-7816?

More information about CVE-2019-7816 can be found at the following reference: [link](https://helpx.adobe.com/security/products/coldfusion/apsb19-14.html)

Vulnerability/
CVE-2019-7816

critical

CWE

434

24/5/2019

4/9/2020

CVE-2019-7816: Malicious File Upload

First published: Fri May 24 2019(Updated: )

ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe ColdFusion	=11.0
Adobe ColdFusion	=11.0-update1
Adobe ColdFusion	=11.0-update10
Adobe ColdFusion	=11.0-update11
Adobe ColdFusion	=11.0-update12
Adobe ColdFusion	=11.0-update13
Adobe ColdFusion	=11.0-update14
Adobe ColdFusion	=11.0-update15
Adobe ColdFusion	=11.0-update16
Adobe ColdFusion	=11.0-update17
Adobe ColdFusion	=11.0-update2
Adobe ColdFusion	=11.0-update3
Adobe ColdFusion	=11.0-update4
Adobe ColdFusion	=11.0-update5
Adobe ColdFusion	=11.0-update6
Adobe ColdFusion	=11.0-update7
Adobe ColdFusion	=11.0-update8
Adobe ColdFusion	=11.0-update9
Adobe ColdFusion	=2016
Adobe ColdFusion	=2016-update1
Adobe ColdFusion	=2016-update2
Adobe ColdFusion	=2016-update3
Adobe ColdFusion	=2016-update4
Adobe ColdFusion	=2016-update5
Adobe ColdFusion	=2016-update6
Adobe ColdFusion	=2016-update7
Adobe ColdFusion	=2016-update8
Adobe ColdFusion	=2016-update9
Adobe ColdFusion	=2018
Adobe ColdFusion	=2018-update1
Adobe ColdFusion	=2018-update2

Never miss a vulnerability like this again

Reference Links

https://helpx.adobe.com/security/products/coldfusion/apsb19-14.html

Frequently Asked Questions

What is CVE-2019-7816?
CVE-2019-7816 is a vulnerability in ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier, which allows for file upload restriction bypass and could lead to arbitrary code execution.
How severe is CVE-2019-7816?
CVE-2019-7816 has a severity rating of 9.8 out of 10, which is classified as critical.
Which versions of ColdFusion are affected by CVE-2019-7816?
CVE-2019-7816 affects ColdFusion versions 11.0, 2016, and 2018 (including various updates for each version).
How can CVE-2019-7816 be exploited?
Successful exploitation of CVE-2019-7816 could lead to arbitrary code execution.
Where can I find more information about CVE-2019-7816?
More information about CVE-2019-7816 can be found at the following reference: [link](https://helpx.adobe.com/security/products/coldfusion/apsb19-14.html)

collector/nvd-index
vendor/adobe
canonical/adobe coldfusion
version/adobe coldfusion/11.0
version/adobe coldfusion/11.0-update1
version/adobe coldfusion/11.0-update10
version/adobe coldfusion/11.0-update11
version/adobe coldfusion/11.0-update12
version/adobe coldfusion/11.0-update13
version/adobe coldfusion/11.0-update14
version/adobe coldfusion/11.0-update15
version/adobe coldfusion/11.0-update16
version/adobe coldfusion/11.0-update17
version/adobe coldfusion/11.0-update2
version/adobe coldfusion/11.0-update3
version/adobe coldfusion/11.0-update4
version/adobe coldfusion/11.0-update5
version/adobe coldfusion/11.0-update6
version/adobe coldfusion/11.0-update7
version/adobe coldfusion/11.0-update8
version/adobe coldfusion/11.0-update9
version/adobe coldfusion/2016
version/adobe coldfusion/2016-update1
version/adobe coldfusion/2016-update2
version/adobe coldfusion/2016-update3
version/adobe coldfusion/2016-update4
version/adobe coldfusion/2016-update5
version/adobe coldfusion/2016-update6
version/adobe coldfusion/2016-update7
version/adobe coldfusion/2016-update8
version/adobe coldfusion/2016-update9
version/adobe coldfusion/2018
version/adobe coldfusion/2018-update1
version/adobe coldfusion/2018-update2