Vulnerability in Adobe Coldfusion

CVE-2019-7091

ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

EPSS: 0.631 (98.4th percentile) — read the EPSS interpretation.

Affected products

Adobe Coldfusion — versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier versions

References

helpx.adobe.com/security/products/coldfusion/apsb19-10.html (x_refsource_CONFIRM)