CVE-2013-0631

HIGH KEV

Adobe ColdFusion <9.0.2 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2013-0631 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 7, 2022.

Description

Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013.

References (3)

Core 3

Scores

CVSS v3 7.5
EPSS 0.8163
EPSS Percentile 99.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation active
Automatable yes
Technical Impact partial

Details

CISA KEV 2022-03-07
VulnCheck KEV 2013-01-09
InTheWild.io 2013-01-18
ENISA EUVD EUVD-2013-0642
Status published
Products (3)
adobe/coldfusion 9.0
adobe/coldfusion 9.0.1
adobe/coldfusion 9.0.2
Published Jan 09, 2013
KEV Added Mar 07, 2022
Tracked Since Feb 18, 2026