CVE-2003-1469

Description

The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.

Related CPE's

Could not find any relations

References

20030426 NII Advisory - Path Disclosure in Cold Fusion MX Server

http://www.nii.co.in/vuln/pdmac.html

7443

Exploit

3307

coldfusion-mx-path-disclosure(11879)

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:N/I:P/A:N

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

PARTIAL

AvailabilityImpact

NONE

BaseScore

5

Created by Yello
About Severity.io