Loading
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
Use CWE-284, Adobe vendor hub and Coldfusion product page to widen CVE-2023-38205 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-27304, CVE-2026-27305 and CVE-2026-27306 for nearby disclosures in the same product family.