CVE-2019-8074
First published: Fri Sep 27 2019(Updated: )
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe ColdFusion | =2016 | |
| Adobe ColdFusion | =2016-update1 | |
| Adobe ColdFusion | =2016-update10 | |
| Adobe ColdFusion | =2016-update11 | |
| Adobe ColdFusion | =2016-update2 | |
| Adobe ColdFusion | =2016-update3 | |
| Adobe ColdFusion | =2016-update4 | |
| Adobe ColdFusion | =2016-update5 | |
| Adobe ColdFusion | =2016-update6 | |
| Adobe ColdFusion | =2016-update7 | |
| Adobe ColdFusion | =2016-update8 | |
| Adobe ColdFusion | =2016-update9 | |
| Adobe ColdFusion | =2018 | |
| Adobe ColdFusion | =2018-update1 | |
| Adobe ColdFusion | =2018-update2 | |
| Adobe ColdFusion | =2018-update3 | |
| Adobe ColdFusion | =2018-update4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-8074?
CVE-2019-8074 is a Path Traversal vulnerability in ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier.
What is the severity of CVE-2019-8074?
CVE-2019-8074 is considered critical with a severity score of 9.8.
How can CVE-2019-8074 be exploited?
Successful exploitation of CVE-2019-8074 could lead to Access Control Bypass in the context of the current user.
Which versions of ColdFusion are affected by CVE-2019-8074?
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier are affected by CVE-2019-8074.
How can I fix CVE-2019-8074?
To fix CVE-2019-8074, it is recommended to update to the latest versions of ColdFusion or apply the necessary patches or updates provided by Adobe.
- collector/nvd-index
- vendor/adobe
- product/coldfusion
- canonical/adobe coldfusion