Vulnerability Details
Basic Information
| Title | CVE-2025-43562 |
|---|---|
| Type | cve |
| Published | 2025-05-13T21:16:15 |
| Last Seen | 2025-05-13T21:23:34 |
| CVSS Score | 9.1 (CRITICAL) |
CVSS v3 Details
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | HIGH |
| User Interaction | NONE |
| Scope | CHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |
CVE Information
| CVE IDs | CVE-2025-43562 |
|---|---|
| CWE | CWE-78 |
| Bulletin Family | cve |
Description
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could result in arbitrary code execution in the context…
Impact Assessment
| Base Score | 9.1 |
|---|---|
| Severity | CRITICAL |