Lucene search
MitreCVE-1999-0760HistoryMay 07, 2001 - 4:00 a.m.
CVE-1999-0760
2001-05-0704:00:00
mitre
web.nvd.nist.gov
38
coldfusion
cfml tags
privilege escalation
nvd
cve-1999-0760
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
Low
EPSS
0.014
Percentile
86.4%
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
Affected configurations
Node
allairecoldfusion_serverMatch2.0
ORallairecoldfusion_serverMatch3.0
ORallairecoldfusion_serverMatch3.0.1
ORallairecoldfusion_serverMatch3.1
ORallairecoldfusion_serverMatch3.1.1
ORallairecoldfusion_serverMatch3.1.2
ORallairecoldfusion_serverMatch4.0
ORallairecoldfusion_serverMatch4.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| allaire | coldfusion_server | 2.0 | cpe:2.3:a:allaire:coldfusion_server:2.0:*:*:*:*:*:*:* |
| allaire | coldfusion_server | 3.0 | cpe:2.3:a:allaire:coldfusion_server:3.0:*:*:*:*:*:*:* |
| allaire | coldfusion_server | 3.0.1 | cpe:2.3:a:allaire:coldfusion_server:3.0.1:*:*:*:*:*:*:* |
| allaire | coldfusion_server | 3.1 | cpe:2.3:a:allaire:coldfusion_server:3.1:*:*:*:*:*:*:* |
| allaire | coldfusion_server | 3.1.1 | cpe:2.3:a:allaire:coldfusion_server:3.1.1:*:*:*:*:*:*:* |
| allaire | coldfusion_server | 3.1.2 | cpe:2.3:a:allaire:coldfusion_server:3.1.2:*:*:*:*:*:*:* |
| allaire | coldfusion_server | 4.0 | cpe:2.3:a:allaire:coldfusion_server:4.0:*:*:*:*:*:*:* |
| allaire | coldfusion_server | 4.0.1 | cpe:2.3:a:allaire:coldfusion_server:4.0.1:*:*:*:*:*:*:* |
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
Low
EPSS
0.014
Percentile
86.4%
Related for CVE-1999-0760