1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Adobe ColdFusion Directory Traversal Vulnerability

Known Exploited Vulnerabilities CVE-2013-0629

Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2013-0629 Adobe ColdFusion Directory Traversal Vulnerability secondary_impact T1005 Data from Local System
Comments
This is an exploitation of a public-facing server due to password misconfiguration. Exploitation allows attackers to access restricted directories
References
  1. https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=34403
  2. https://www.exploit-db.com/exploits/24946
CVE-2013-0629 Adobe ColdFusion Directory Traversal Vulnerability primary_impact T1202 Indirect Command Execution
Comments
This is an exploitation of a public-facing server due to password misconfiguration. Exploitation allows attackers to access restricted directories
References
  1. https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=34403
  2. https://www.exploit-db.com/exploits/24946
CVE-2013-0629 Adobe ColdFusion Directory Traversal Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
This is an exploitation of a public-facing server due to password misconfiguration. Exploitation allows attackers to access restricted directories.
References
  1. https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=34403
  2. https://www.exploit-db.com/exploits/24946