What is CVE-2020-3761?

CVE-2020-3761 is a remote file read vulnerability in ColdFusion versions 2016 and 2018.

How severe is CVE-2020-3761?

CVE-2020-3761 has a severity score of 7.5, which is considered high.

What software versions are affected by CVE-2020-3761?

ColdFusion versions 2016 and 2018 are affected by CVE-2020-3761.

What can a successful exploitation of CVE-2020-3761 lead to?

A successful exploitation of CVE-2020-3761 can lead to arbitrary file read from the ColdFusion install directory.

Where can I find more information about CVE-2020-3761?

You can find more information about CVE-2020-3761 on Adobe's security advisory page: https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html

Vulnerability/
CVE-2020-3761

high

7.5

25/3/2020

4/8/2024

CVE-2020-3761

First published: Wed Mar 25 2020(Updated: )

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a remote file read vulnerability. Successful exploitation could lead to arbitrary file read from the coldfusion install directory.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe ColdFusion	=2016
Adobe ColdFusion	=2016-update1
Adobe ColdFusion	=2016-update10
Adobe ColdFusion	=2016-update11
Adobe ColdFusion	=2016-update12
Adobe ColdFusion	=2016-update13
Adobe ColdFusion	=2016-update2
Adobe ColdFusion	=2016-update3
Adobe ColdFusion	=2016-update4
Adobe ColdFusion	=2016-update5
Adobe ColdFusion	=2016-update6
Adobe ColdFusion	=2016-update7
Adobe ColdFusion	=2016-update8
Adobe ColdFusion	=2016-update9
Adobe ColdFusion	=2018
Adobe ColdFusion	=2018-update1
Adobe ColdFusion	=2018-update2
Adobe ColdFusion	=2018-update3
Adobe ColdFusion	=2018-update4
Adobe ColdFusion	=2018-update5
Adobe ColdFusion	=2018-update6
Adobe ColdFusion	=2018-update7

Never miss a vulnerability like this again

Reference Links

https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html

Frequently Asked Questions

What is CVE-2020-3761?
CVE-2020-3761 is a remote file read vulnerability in ColdFusion versions 2016 and 2018.
How severe is CVE-2020-3761?
CVE-2020-3761 has a severity score of 7.5, which is considered high.
What software versions are affected by CVE-2020-3761?
ColdFusion versions 2016 and 2018 are affected by CVE-2020-3761.
What can a successful exploitation of CVE-2020-3761 lead to?
A successful exploitation of CVE-2020-3761 can lead to arbitrary file read from the ColdFusion install directory.
Where can I find more information about CVE-2020-3761?
You can find more information about CVE-2020-3761 on Adobe's security advisory page: https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html

collector/nvd-index
agent/references
agent/severity
agent/author
agent/tags
agent/type
agent/event
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/adobe
canonical/adobe coldfusion
version/adobe coldfusion/2016
version/adobe coldfusion/2016-update1
version/adobe coldfusion/2016-update10
version/adobe coldfusion/2016-update11
version/adobe coldfusion/2016-update12
version/adobe coldfusion/2016-update13
version/adobe coldfusion/2016-update2
version/adobe coldfusion/2016-update3
version/adobe coldfusion/2016-update4
version/adobe coldfusion/2016-update5
version/adobe coldfusion/2016-update6
version/adobe coldfusion/2016-update7
version/adobe coldfusion/2016-update8
version/adobe coldfusion/2016-update9
version/adobe coldfusion/2018
version/adobe coldfusion/2018-update1
version/adobe coldfusion/2018-update2
version/adobe coldfusion/2018-update3
version/adobe coldfusion/2018-update4
version/adobe coldfusion/2018-update5
version/adobe coldfusion/2018-update6
version/adobe coldfusion/2018-update7