CVE-2020-3794

Summary

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory.

Affected Software

VendorProductVersion RangeStatus
AdobeColdFusionColdFusion 2016, and ColdFusion 2018 versionsaffected

Weaknesses

  • File inclusion

ADP Enrichment

CVE Program Container

Additional References

References