vulnerability

APSB20-16: Security updates available for ColdFusion | APSB20-16 (CVE-2020-3794)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Mar 17, 2020	Mar 18, 2020	Aug 11, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Mar 17, 2020

Added

Mar 18, 2020

Modified

Aug 11, 2025

Description

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory.

Solutions

adobe-coldfusion-2016-release-update-14adobe-coldfusion-2018-release-update-8

References

CVE-2020-3794
https://attackerkb.com/topics/CVE-2020-3794
CWE-829
URL-https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today