CVE-2011-0736

01.02.2011, 18:00

Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=- query to a .cfm file.  NOTE: the vendor disputes the significance of this issue because the Site-wide Error Handler and Debug Output Settings sections of the ColdFusion Lockdown guide explain the requirement for settings that prevent this information disclosure

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 73%

Vendor	Product	Version
adobe	coldfusion	𝑥 ≤ 9.0.1
adobe	coldfusion	4.5
adobe	coldfusion	5.0
adobe	coldfusion	6.0
adobe	coldfusion	6.1
adobe	coldfusion	7.0
adobe	coldfusion	7.0.1
adobe	coldfusion	7.0.2
adobe	coldfusion	8.0
adobe	coldfusion	8.0.1
adobe	coldfusion	8.1
adobe	coldfusion	9.0
adobe	coldfusion	9.0.1

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0537.html

http://osvdb.org/70780

http://websecurity.com.ua/4879/

http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0537.html

http://osvdb.org/70780

http://websecurity.com.ua/4879/