Vulnerability Details
Basic Information
| Title | CVE-2025-43564 |
|---|---|
| Type | cve |
| Published | 2025-05-13T21:16:16 |
| Last Seen | 2025-05-13T21:28:33 |
| CVSS Score | 9.1 (CRITICAL) |
CVSS v3 Details
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | HIGH |
| User Interaction | NONE |
| Scope | CHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |
CVE Information
| CVE IDs | CVE-2025-43564 |
|---|---|
| CWE | CWE-863 |
| Bulletin Family | cve |
Description
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modify…
Impact Assessment
| Base Score | 9.1 |
|---|---|
| Severity | CRITICAL |