CVE-2013-0625

Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:coldfusion:9.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:9.0.2:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*

History

22 Oct 2025, 01:15

Type Values Removed Values Added
References
  • () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0625 -

21 Oct 2025, 20:16

Type Values Removed Values Added
References
  • {'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0625', 'source': '134c704f-9b21-4f2e-91b3-4a467353bcc0'}

21 Oct 2025, 19:16

Type Values Removed Values Added
References
  • () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0625 -

Information

Published : 2013-01-09 01:55

Updated : 2025-10-22 01:15


NVD link : CVE-2013-0625

Mitre link : CVE-2013-0625

CVE.ORG link : CVE-2013-0625


JSON object : View

Products Affected

adobe

  • coldfusion

microsoft

  • windows

opengroup

  • unix

apple

  • mac_os_x
CWE
CWE-287

Improper Authentication