Path Traversal Vulnerability in Adobe ColdFusion Products
CVE-2025-30290
8.7HIGH
Summary
Adobe ColdFusion is susceptible to a path traversal vulnerability that could allow attackers to circumvent security features. By exploiting this flaw, an attacker could gain unauthorized access to files and directories located outside of the designated restricted area. Successful exploitation necessitates user interaction, posing a significant risk to the integrity and confidentiality of sensitive information stored within the system.
Affected Version(s)
ColdFusion 0 <= 2025.0
References
CVSS V3.1
Score:
8.7
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved