Back to search
CVE-2013-0632
Published: Jan 17, 2013
Modified: Oct 22, 2025
PUBLISHED
Description
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the default empty password and leveraging this session to access the administrative web interface, as exploited in the wild in January 2013.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
30210
exploit
x_refsource_EXPLOIT-DB
http://www.adobe.com/support/security/bulletins/apsb13-03.html
x_refsource_CONFIRM
http://www.adobe.com/support/security/advisories/apsa13-01.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now