CVE-2018-4938

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
adobeCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
adobecoldfusion
11.0
adobecoldfusion
11.0:update1
adobecoldfusion
11.0:update10
adobecoldfusion
11.0:update11
adobecoldfusion
11.0:update12
adobecoldfusion
11.0:update13
adobecoldfusion
11.0:update2
adobecoldfusion
11.0:update3
adobecoldfusion
11.0:update4
adobecoldfusion
11.0:update5
adobecoldfusion
11.0:update6
adobecoldfusion
11.0:update7
adobecoldfusion
11.0:update8
adobecoldfusion
11.0:update9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/103718
https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html
http://www.securityfocus.com/bid/103718
https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html