{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T17:00:46.907","vulnerabilities":[{"cve":{"id":"CVE-2025-30288","sourceIdentifier":"psirt@adobe.com","published":"2025-04-08T20:15:26.583","lastModified":"2025-04-21T18:33:41.280","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low privileged attacker with local access could leverage this vulnerability to bypass security protections and execute code. Exploitation of this issue requires user interaction in that a victim must be coerced into performing actions within the application and scope is changed."},{"lang":"es","value":"Las versiones 2023.12, 2021.18, 2025.0 y anteriores de ColdFusion se ven afectadas por una vulnerabilidad de control de acceso inadecuado que podría provocar la omisión de una función de seguridad. Un atacante podría aprovechar esta vulnerabilidad para eludir las medidas de seguridad y obtener acceso no autorizado. Para explotar este problema no se requiere la interacción del usuario."}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":6.0}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*","matchCriteriaId":"7A94B406-C011-4673-8C2B-0DD94D46CC4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:*","matchCriteriaId":"AFD05E3A-10F9-4C75-9710-BA46B66FF6E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update10:*:*:*:*:*:*","matchCriteriaId":"F1FC7D1D-6DD2-48B2-980F-B001B0F24473"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update11:*:*:*:*:*:*","matchCriteriaId":"1FA19E1D-61C2-4640-AF06-4BCFE750BDF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update12:*:*:*:*:*:*","matchCriteriaId":"3F331DEA-F3D0-4B13-AB1E-6FE39B2BB55D"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update13:*:*:*:*:*:*","matchCriteriaId":"63D5CF84-4B0D-48AE-95D6-262AEA2FFDE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update14:*:*:*:*:*:*","matchCriteriaId":"10616A3A-0C1C-474A-BD7D-A2A5BB870F74"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update15:*:*:*:*:*:*","matchCriteriaId":"D7DA523E-1D9B-45FD-94D9-D4F9F2B9296B"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update16:*:*:*:*:*:*","matchCriteriaId":"151AFF8B-F05C-4D27-85FC-DF88E9C11BEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update17:*:*:*:*:*:*","matchCriteriaId":"53A0E245-2915-4DFF-AFB5-A12F5C435702"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update18:*:*:*:*:*:*","matchCriteriaId":"C5653D18-7534-48A3-819F-9F049A418F99"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:*","matchCriteriaId":"D57C8681-AC68-47DF-A61E-B5C4B4A47663"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:*","matchCriteriaId":"75608383-B727-48D6-8FFA-D552A338A562"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:*","matchCriteriaId":"7773DB68-414A-4BA9-960F-52471A784379"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:*","matchCriteriaId":"B38B9E86-BCD5-4BCA-8FB7-EC55905184E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update6:*:*:*:*:*:*","matchCriteriaId":"5E7BAB80-8455-4570-A2A2-8F40469EE9CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update7:*:*:*:*:*:*","matchCriteriaId":"F9D645A2-E02D-4E82-A2BD-0A7DE5B8FBCC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update8:*:*:*:*:*:*","matchCriteriaId":"6E22D701-B038-4795-AA32-A18BC93C2B6F"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update9:*:*:*:*:*:*","matchCriteriaId":"CAC4A0EC-C3FC-47D8-86CE-0E6A87A7F0B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*","matchCriteriaId":"B02A37FE-5D31-4892-A3E6-156A8FE62D28"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*","matchCriteriaId":"0AA3D302-CFEE-4DFD-AB92-F53C87721BFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update10:*:*:*:*:*:*","matchCriteriaId":"645D1B5F-2DAB-4AB8-A465-AC37FF494F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update11:*:*:*:*:*:*","matchCriteriaId":"ED6D8996-0770-4C9F-BEA5-87EA479D40A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update12:*:*:*:*:*:*","matchCriteriaId":"4836086E-3D4A-4A07-A372-382D385CB490"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:*","matchCriteriaId":"EB88D4FE-5496-4639-BAF2-9F29F24ABF29"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:*","matchCriteriaId":"43E0ED98-2C1F-40B8-AF60-FEB1D85619C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:*","matchCriteriaId":"76204873-C6E0-4202-8A03-0773270F1802"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:*","matchCriteriaId":"C1A22BE9-0D47-4BA8-8BDB-9B12D7A0F7C7"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update6:*:*:*:*:*:*","matchCriteriaId":"E3A83642-BF14-4C37-BD94-FA76AABE8ADC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update7:*:*:*:*:*:*","matchCriteriaId":"A892E1DC-F2C8-4F53-8580-A2D1BEED5A25"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update8:*:*:*:*:*:*","matchCriteriaId":"DB97ADBA-C1A9-4EE0-9509-68CB12358AE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update9:*:*:*:*:*:*","matchCriteriaId":"E17C38F0-9B0F-4433-9CBD-6E3D63EA9BDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:-:*:*:*:*:*:*","matchCriteriaId":"30779417-D4E5-4A01-BE0E-1CE1D134292A"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}}]}