CVE-2019-7840
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a deserialization of unt
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
CRITICAL · CVSS 9.8
EPSS 0.49528
Schedule remediation
- EPSS ≥ 0.10 - elevated exploitation probability
- EPSS percentile: top 2% of all CVEs by exploitation likelihood
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0