Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/coldfusion/apsb17-30.html | Mitigation Patch Vendor Advisory |
http://www.securitytracker.com/id/1039321 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/100708 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-12-01 00:29
Updated : 2020-09-04 07:09
NVD link : CVE-2017-11283
Mitre link : CVE-2017-11283
JSON object : View
CWE
CWE-502
Deserialization of Untrusted Data
Products Affected
adobe
- coldfusion