CVE-2019-7839

Sažetak

ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

Reference

http://packetstormsecurity.com/files/153439/Coldfusion-JNBridge-Remote-Code-Execution.html
https://helpx.adobe.com/security/products/coldfusion/apsb19-27.html
https://seclists.org/bugtraq/2019/Jun/38

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

04-09-2020 - 14:21

Objavljeno

12-06-2019 - 16:29