CVE-2022-38420

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interaction.

Link	Resource
https://helpx.adobe.com/security/products/coldfusion/apsb22-44.html	Patch Vendor Advisory

Configuration 1

cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update1:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update2:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update3:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update4:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update5:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update6:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update7:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update8:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update9:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update10:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update13:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update12:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update11:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:* cpe:2.3:a:adobe:coldfusion:2018:update14:*:*:*:*:*:*

---

Published : 2022-10-14 08:15

Updated : 2022-10-20 05:43

---

NVD link : CVE-2022-38420

Mitre link : CVE-2022-38420

No products.

CWE-798