CVE-2020-3768 - CERT CVE

  1. CVE-2020-3768

ID CVE-2020-3768
Sažetak ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.
Reference
CVSS
Base: 4.4
Impact: 6.4
Exploitability:3.4
Pristup
VektorSloženostAutentikacija
LOCAL MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:L/AC:M/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 04-09-2020 - 14:22
Objavljeno 26-06-2020 - 21:15