Adobe ColdFusion 2016 update 15 Untrusted Search Path Vulnerability

Summary

Adobe ColdFusion 2016 update 15 suffers from untrusted search path vulnerability

Credit:

The information has been provided by Nuttakorn Tungpoonsup

The original article can be found at:https://helpx.adobe.com/security/products/coldfusion/apsb20-43.html


Details

Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.

 

Vulnerable Systems:

Adobe ColdFusion 2016 update 15 

ColdFusion 2018 update 9 

 

CVE Information:

CVE-2020-9672

 

Disclosure Timeline:
Published Date:7/16/2020

Categories: FeaturedNews