CVE-2013-0629

Warnung

EPSS 80.91%
Veröffentlicht 09.01.2013 01:55:03
Zuletzt bearbeitet 22.10.2025 01:15:46
Quelle psirt@adobe.com
CVE-Watchlists
Login
Unerledigt
Login

Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.

Betroffene Produkte Warnungen 1 Metriken 4 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Adobe ≫ Coldfusion Version9.0

   Apple ≫ macOS X Version-
   Microsoft ≫ Windows Version-
   Opengroup ≫ Unix Version-

Adobe ≫ Coldfusion Version9.0.1

   Apple ≫ macOS X Version-
   Microsoft ≫ Windows Version-
   Opengroup ≫ Unix Version-

Adobe ≫ Coldfusion Version9.0.2

   Apple ≫ macOS X Version-
   Microsoft ≫ Windows Version-
   Opengroup ≫ Unix Version-

Adobe ≫ Coldfusion Version10.0

   Apple ≫ macOS X Version-
   Microsoft ≫ Windows Version-
   Opengroup ≫ Unix Version-

07.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Adobe ColdFusion Directory Traversal Vulnerability

Schwachstelle

Adobe Coldfusion contains a directory traversal vulnerability, which could permit an unauthorized user access to restricted directories.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	80.91%	0.991

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

http://www.adobe.com/support/security/advisories/apsa13-01.html

Vendor Advisory

http://www.adobe.com/support/security/bulletins/apsb13-03.html

Not Applicable

http://www.securityfocus.com/bid/57165

Third Party Advisory

Broken Link

VDB Entry

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0629

https://nvd.nist.gov/vuln/detail/CVE-2013-0629

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-0629

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-0629

EUVD