CVE-2019-7091

Summary

ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AdobeColdFusionUpdate 1 and earlier, Update 7 and earlier, and Update 15 and earlier versionsaffected

Weaknesses

  • Deserialization of untrusted data

ADP Enrichment

CVE Program Container

Additional References

References