Inherently Dangerous Function Vulnerability in ColdFusion 2021 and 2018.10

Inherently Dangerous Function Vulnerability in ColdFusion 2021 and 2018.10

CVE-2021-40698 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass  . An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.

Learn more about our Web Application Penetration Testing UK.