The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 does not log failed authentication attempts, which makes it easier for remote attackers to conduct brute force attacks without detection.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.07438
Percentile: 0.91313

CVSS Scoring

Affected Products

• cpe:2.3:a:adobe:coldfusion:7.0:*:*:*:*:*:*:*
• cpe:2.3:a:adobe:coldfusion:8.0:*:*:*:*:*:*:*

← Back to Home