CVE CVE-2010-5290 Mappings

The authentication process in Adobe ColdFusion before 10 does not require knowledge of the cleartext password if the password hash is known, which makes it easier for context-dependent attackers to obtain administrative privileges by leveraging read access to the configuration file, a different vulnerability than CVE-2010-2861.


Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2010-5290 n/a uncategorized T1550.002 Pass the Hash
CVE-2010-5290 n/a uncategorized T1552.001 Credentials In Files