CVE-2005-4345

3 documents3 sources

Severity

7.2HIGH

EPSS

0.0%

top 98.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Macromedia Coldfusion

Timeline

PublishedDec 19

Latest updateMay 1

Description

Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDmacromedia/coldfusion7.0

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: www.macromedia.com ↗

🔴Vulnerability Details

GHSA

GHSA-3xm7-55j5-w53p: Adobe (formerly Macromedia) ColdFusion MX 7↗2022-05-01

▶

CVEList

CVE-2005-4345: Adobe (formerly Macromedia) ColdFusion MX 7↗2005-12-17

▶