What is the severity of CVE-2025-30291?

CVE-2025-30291 is rated as a medium severity vulnerability.

How do I fix CVE-2025-30291?

To fix CVE-2025-30291, upgrade Adobe ColdFusion to version 2023.12 or later.

What versions of ColdFusion are affected by CVE-2025-30291?

CVE-2025-30291 affects Adobe ColdFusion versions 2023.12, 2021.18, 2025.0, and earlier.

What type of vulnerability is CVE-2025-30291?

CVE-2025-30291 is categorized as an Information Exposure vulnerability.

What are the potential consequences of CVE-2025-30291?

Exploitation of CVE-2025-30291 could lead to a security feature bypass, allowing access to sensitive information.

Vulnerability/
CVE-2025-30291

high

7.5

CWE

200

8/4/2025

14/4/2025

CVE-2025-30291: ColdFusion | Information Exposure (CWE-200)

First published: Tue Apr 08 2025(Updated: )

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to gain access to sensitive information which could be used to further compromise the system or bypass security mechanisms. Exploitation of this issue does not require user interaction.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe ColdFusion	<2023.12
Adobe ColdFusion	=2021
Adobe ColdFusion	=2021-update1
Adobe ColdFusion	=2021-update10
Adobe ColdFusion	=2021-update11
Adobe ColdFusion	=2021-update12
Adobe ColdFusion	=2021-update13
Adobe ColdFusion	=2021-update14
Adobe ColdFusion	=2021-update15
Adobe ColdFusion	=2021-update16
Adobe ColdFusion	=2021-update17
Adobe ColdFusion	=2021-update18
Adobe ColdFusion	=2021-update2
Adobe ColdFusion	=2021-update3
Adobe ColdFusion	=2021-update4
Adobe ColdFusion	=2021-update5
Adobe ColdFusion	=2021-update6
Adobe ColdFusion	=2021-update7
Adobe ColdFusion	=2021-update8
Adobe ColdFusion	=2021-update9
Adobe ColdFusion	=2023
Adobe ColdFusion	=2023-update1
Adobe ColdFusion	=2023-update10
Adobe ColdFusion	=2023-update11
Adobe ColdFusion	=2023-update12
Adobe ColdFusion	=2023-update2
Adobe ColdFusion	=2023-update3
Adobe ColdFusion	=2023-update4
Adobe ColdFusion	=2023-update5
Adobe ColdFusion	=2023-update6
Adobe ColdFusion	=2023-update7
Adobe ColdFusion	=2023-update8
Adobe ColdFusion	=2023-update9
Adobe ColdFusion	=2025

Never miss a vulnerability like this again

Reference Links

https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html

Frequently Asked Questions

What is the severity of CVE-2025-30291?
CVE-2025-30291 is rated as a medium severity vulnerability.
How do I fix CVE-2025-30291?
To fix CVE-2025-30291, upgrade Adobe ColdFusion to version 2023.12 or later.
What versions of ColdFusion are affected by CVE-2025-30291?
CVE-2025-30291 affects Adobe ColdFusion versions 2023.12, 2021.18, 2025.0, and earlier.
What type of vulnerability is CVE-2025-30291?
CVE-2025-30291 is categorized as an Information Exposure vulnerability.
What are the potential consequences of CVE-2025-30291?
Exploitation of CVE-2025-30291 could lead to a security feature bypass, allowing access to sensitive information.

agent/title
agent/references
agent/weakness
agent/first-publish-date
agent/type
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/softwarecombine
agent/author
agent/source
agent/severity
agent/event
agent/tags
agent/last-modified-date
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
vendor/adobe
canonical/adobe coldfusion
version/adobe coldfusion/2021
version/adobe coldfusion/2021-update1
version/adobe coldfusion/2021-update10
version/adobe coldfusion/2021-update11
version/adobe coldfusion/2021-update12
version/adobe coldfusion/2021-update13
version/adobe coldfusion/2021-update14
version/adobe coldfusion/2021-update15
version/adobe coldfusion/2021-update16
version/adobe coldfusion/2021-update17
version/adobe coldfusion/2021-update18
version/adobe coldfusion/2021-update2
version/adobe coldfusion/2021-update3
version/adobe coldfusion/2021-update4
version/adobe coldfusion/2021-update5
version/adobe coldfusion/2021-update6
version/adobe coldfusion/2021-update7
version/adobe coldfusion/2021-update8
version/adobe coldfusion/2021-update9
version/adobe coldfusion/2023
version/adobe coldfusion/2023-update1
version/adobe coldfusion/2023-update10
version/adobe coldfusion/2023-update11
version/adobe coldfusion/2023-update12
version/adobe coldfusion/2023-update2
version/adobe coldfusion/2023-update3
version/adobe coldfusion/2023-update4
version/adobe coldfusion/2023-update5
version/adobe coldfusion/2023-update6
version/adobe coldfusion/2023-update7
version/adobe coldfusion/2023-update8
version/adobe coldfusion/2023-update9
version/adobe coldfusion/2025