Description

This ColdFusion web application is running with Robust Exception turned on. The Robust Exception feature displays detailed information about exceptions and can include the script locations, stack traces, SQL statements, etc.

Remediation

Disable Robust Exception feature in the ColdFusion Administrator.

References

Configuring debugging in the ColdFusion Administrator

Related Vulnerabilities

WordPress Plugin SS Downloads Cross-Site Request Forgery and Information Disclosure Vulnerabilities (1.4.3)

WordPress Plugin Simple Download Monitor Multiple Vulnerabilities (3.9.5.1)

WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3)

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1052)

Unrestricted access to ImageResizer Diagnotics plugin

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure