PT-2018-13302 · Adobe · Coldfusion
Published
2018-09-25
·
Updated
2025-05-06
·
CVE-2018-15957
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Adobe ColdFusion versions 2018.0.0.310739 through Update 6
Adobe ColdFusion versions through Update 14
Description
The issue is related to the deserialization of untrusted data, which could lead to arbitrary code execution if successfully exploited.
Recommendations
For Adobe ColdFusion versions 2018.0.0.310739 through Update 6, update to a version later than Update 6.
For Adobe ColdFusion versions through Update 14, update to a version later than Update 14.
Fix
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Coldfusion