CNNVD-202507-1189 Information

CNNVD ID

CNNVD-202507-1189

Related CVE

CVE-2025-49551

• CNNVD Published: 2025-07-08

Description (Chinese)

Adobe ColdFusion是美国奥多比（Adobe）公司的一套快速应用程序开发平台。该平台包括集成开发环境和脚本语言。 Adobe ColdFusion 2025.2及之前版本、2023.14及之前版本和2021.20及之前版本存在信任管理问题漏洞，该漏洞源于硬编码凭证使用，可能导致权限提升。

Description (English)

Adobe ColdFusion is a fast-track application development platform for Adobe in the United States. The platform includes an integrated development environment and script language. There is a trust management gap in Adobe ColdFusion 2025.2 and earlier, 2023.14 and earlier, and 2021.20 and earlier, which stems from the use of hard-coded vouchers, which may lead to enhanced privileges.

Hazard Level

Medium

Vulnerability Type

信任管理问题

Affected Vendor

奥多比

Published

2025-07-08

Last Modified

2026-02-24

References

https://helpx.adobe.com/security/products/coldfusion/apsb25-69.html

Patch

https://helpx.adobe.com/security/products/coldfusion/apsb25-69.html