CVE-2018-4942

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure.

Link	Resource
https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html	Vendor Advisory
http://www.securityfocus.com/bid/103718	Third Party Advisory VDB Entry

Configuration 1

cpe:2.3:a:adobe:coldfusion:2016:-:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:-:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update1:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update10:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update11:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update12:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update13:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update2:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update3:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update4:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update5:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update6:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update7:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update8:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:11.0:update9:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2016:update1:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2016:update2:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2016:update3:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2016:update4:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2016:update5:*:*:*:*:*:*

---

Published : 2018-05-19 05:29

Updated : 2020-09-04 02:09

---

NVD link : CVE-2018-4942

Mitre link : CVE-2018-4942

No products.

CWE-611

Improper Restriction of XML External Entity Reference