CVE-2025-61809
Essential information
- Published
- 10/12/2025 00:16
- Modified
- 12/12/2025 19:04
- Author
- —
- Creator
- —
- CVSS
- 9.1 CRITICAL (v3.1)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N—
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- NETWORK
- Attack complexity
- LOW
- Privileges required
- NONE
- User interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality impact
- HIGH
- Integrity impact
- HIGH
- Availability impact
- NONE
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Attack requirements
- —
- Privileges required
- —
- User interaction
- —
- Confidentiality (V)
- —
- Confidentiality (S)
- —
- Integrity (V)
- —
- Integrity (S)
- —
- Availability (V)
- —
- Availability (S)
- —
- Exploit maturity
- —
Description
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue does not require user interaction and scope is unchanged.
NVD status
- Status
- Analyzed — CVE has had analysis completed and all data associations made.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update10:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update11:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update12:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update13:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update14:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update15:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update16:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update17:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update18:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update19:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update20:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update21:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update22:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update6:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update7:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update8:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2021:update9:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update10:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update11:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update12:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update13:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update14:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update15:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update16:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update6:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update7:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update8:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2023:update9:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2025:-:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2025:update1:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2025:update2:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2025:update3:*:*:*:*:*:* |
| adobe / coldfusion | cpe:2.3:a:adobe:coldfusion:2025:update4:*:*:*:*:*:* |