PT-2018-13304 · Adobe · Coldfusion
Publicado
2018-09-25
·
Atualizado
2020-09-04
·
CVE-2018-15959
CVSS v3.1
10
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Adobe ColdFusion versions 2018.0.0.310739 through Update 6
Adobe ColdFusion versions through Update 14
Description
The issue is related to the deserialization of untrusted data, which could lead to arbitrary code execution if successfully exploited.
Recommendations
For Adobe ColdFusion versions 2018.0.0.310739 through Update 6, update to a version later than Update 6.
For Adobe ColdFusion versions through Update 14, update to a version later than Update 14.
Correção
Deserialization of Untrusted Data
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Coldfusion