Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:COLDFUSION:ADOBE-COLDF-CE
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	Adobe ColdFusion JavaAdapter JavaBeanAdapter Insecure Deserialization
Release Date	2019/03/12
Update Number	3149
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Adobe ColdFusion JavaAdapter JavaBeanAdapter Insecure Deserialization

This signature detects attempts to exploit a known vulnerability against Adobe ColdFusion. A successful attack can lead to command execution.

Extended Description

ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

Affected Products

Adobe coldfusion 11.0
Adobe coldfusion 2016
Adobe coldfusion 2018

References

CVE: CVE-2019-7091

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Adobe ColdFusion JavaAdapter JavaBeanAdapter Insecure Deserialization

Extended Description

Affected Products

References